Multiple subdomains of the Department of Health (DOH) has been compromised by a hacker named Sanji. In a report sent to Blogger Engineer, the culprit was also behind the defacement of these same DOH subdomains back in December 2018.

Among those that were hit are DOH’s Epidemiology Bureau, Health Facilities and Services Regulatory Bureau, Health Planning Division, and even their Information Technology Infrastructure and Security Division.

Back in December 2018, Anonymous Philippines posted on their Facebook Page the proof of the attack. Sanji’s affiliation then was with Hawk Cyber Army. We’re not sure yet how this group is related to Anonymous Philippines and to Philippine CyberSecurity. What we do know is that Sanji, despite confusions with his group affiliations, is the main person behind the attack.

Sanji is seemed to be driven by the Dengvaxia reports back then and was most likely triggered to hit back DOH with the recent news of measles outbreak believed to be caused by the Dengvaxia scare last year.

Blogger Engineer will have this coordinated with DOH.

***Update***

February 23, 2019: We tried contacting DOH-ITISD Hotline but unable to get hold of someone. We sent an email instead and reported this security incident to 8888 under the Reference #: G20190223-135-3.

February 24, 2019: EmzTV Official published a video how Sanji exploited the vulnerability found in DOH website. Watch the video below:

Fjordan Allego
Follow me

Related Posts:

By Fjordan Allego

Fjordan Allego aka Fjordz is an IT security practitioner in the Philippines. He maintains a couple of blogs where he shares his views on various topics that he finds interesting. A self-confessed introvert who's mostly active in social media, Fjordz also loves to travel and explore the wonders of the world.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.