SchoolBreach.org
BreachesTrendsToolsLearnAbout
Free Security Check
Security Check
SchoolBreach.org

A public resource tracking data breaches in Philippine schools. Helping administrators protect student data through awareness, education, and free security tools.

© 2026 SchoolBreach.org · A community service by OceanEd

Navigate

  • Breaches
  • Trends
  • Tools
  • Learn
  • Methodology

Company

  • About
  • Privacy Policy
  • Terms of Service
  • Contact Us

Disclaimer: This tracker is maintained for educational and awareness purposes. Incidents are documented using threat intelligence monitoring, Philippine media reports, NPC filings, and responsible disclosures. Social media platforms are monitored for leads and are corroborated before publication or naming — never through active scanning or exploitation. Severity ratings and summaries are prepared with AI assistance and reviewed editorially. Full methodology →

Back to Breach Tracker
Unauthorized Access
HighConfirmed

West Visayas State University (WVSU)

A threat actor using the alias '7h3_Er4s3r' gained unauthorized access to multiple WVSU databases including the main campus database and file systems, exposing student and faculty records, credentials, and administrative documents.

June 1, 2025Iloilo City, Western VisayasUnknown records affected

Key Facts

Date of Incident
June 1, 2025
Date Discovered
June 1, 2025
Records Affected
Unknown
Source
Deep Web Konek
Data Types Exposed
Academic recordsPersonal informationAdministrative documentsUsernamesEmail addressesIP addressesAccess timestamps
Response / Action Taken

Deep Web Konek notified WVSU IT Department about the breach.

What Happened

Cybersecurity monitoring group Deep Web Konek reported that a threat actor using the alias "7h3_Er4s3r" gained unauthorized access to multiple databases at West Visayas State University (WVSU) in Iloilo City. The hacker provided screenshots as proof showing unauthorized access to database user account listings with associated metadata.

The compromised systems included:

  • WVSU_MAIN_Campus_DB_00 — the university's main campus database
  • WVSUfiles — the university's file storage system

Deep Web Konek assessed the situation and notified WVSU's IT Department about the breach.

Data Exposed

  • Academic records
  • Personal information of students and faculty
  • Administrative documents
  • User account credentials (full names, usernames, email addresses)
  • IP addresses and access timestamps

Why This Breach Is Significant

The compromise of both the main campus database and the file storage system indicates the attacker gained broad access to WVSU's core infrastructure. The exposure of IP addresses and access timestamps reveals user behavior patterns, and credentials exposure enables further unauthorized access if passwords are reused.

WVSU is one of the largest state universities in Western Visayas, serving thousands of students across multiple campuses. This breach follows a pattern of Philippine universities being targeted in 2025.

How to Prevent This

  1. 1.Secure database access — ensure all databases require strong authentication and are not accessible from the public internet
  2. 2.Implement network segmentation — separate the main campus database from file storage and other systems
  3. 3.Deploy intrusion detection — monitor for unauthorized database access patterns and alert on suspicious queries
  4. 4.Enforce strong password policies — require complex passwords and regular rotation for all database and system accounts
  5. 5.Conduct regular penetration testing — test all university systems for vulnerabilities at least annually
  6. 6.Implement MFA — require multi-factor authentication for all administrative and database access
  7. 7.Encrypt sensitive data at rest — ensure academic records and personal information are encrypted in the database

Sources & References

All sources are independently verified. Access dates and archive links are recorded for each citation.

  1. [1]
    Deep Web Konek — Alleged data breach hits West Visayas State University — hacker '7h3_Er4s3r' shared screenshots of unauthorized access
WVSUIloiloWestern Visayasdatabase accessDeep Web Konek

Related Incidents

High

A state university in Western Visayas

May 20, 2026

Critical

DepEd Tayo Roxas City

March 8, 2026

Critical

DepEd Cordillera Administrative Region (CAR)

November 19, 2025

Know of a Breach?

Help us keep this tracker accurate and complete. Report school data breaches confidentially.

Report a Breach

Is This Entry Inaccurate?

If you represent the named institution or have evidence that corrects or updates this entry, you can request a correction or submit an official statement for publication.

We review all correction requests and respond within 5 business days. Verified corrections are applied promptly. Institutions may also submit a statement that will appear on this page as a right of reply.

Request a Correction

Protect Your School

Use our free tools and guides to assess your school's security posture.

Free Security ToolsGuides & Resources