Tag Archives: Pinoy LulzSec Kangk0ng

Hackers compromise websites of Philippine Army, AFPSLAI

Screenshot of the defaced website of Philippine Army’s recruitment page with a link to download a database at the bottom. Photo credits to Art Samaniego, Jr.

Fresh from his recent attack to Cebu Pacific’s GetGo, kangk0ng of Pinoy LulzSec defaced another website – the recruitment portal of Philippine Army – jointhearmy[.]ph.

Similar to what he did with GetGo, kangk0ng claimed that he was able to access a database containing personal information from the compromised Philippine Army‘s recruitment website – Join The Army. He even allowed it to be downloaded publicly. The said database contains personal details of over 50,000 applicants. The Philippine Army was quick to turn down the site.

Manila Bulletin’s IT journalist Art Samaniego Jr was able to reach out with kangk0ng. The hacker said that he’s got three reasons for doing these – “First to make a point, second to make a mess and third to have fun.”

We’ve heard similar lines from other hackers typically from members of Pinoy LulzSec. The hacker also added that “he will continue defacing until the government wakes up and prioritize cyber security.”

On the other hand, the Armed Forces and Police Savings & Loan Association, Inc. (AFPSLAI) was also hacked. In a Facebook post, PHC Cyber Sec claimed responsibility for the attack. It wasn’t clear if they are related to kangk0ng and his group Pinoy LulzSec but a certain elkapitan commented that they were disappointed that the IT personnel working behind the website did not even bother to acknowledge their efforts in reporting security issues.

On a separate FB post, a certain majorproblem also from PHC Cyber Sec revealed some scanned copies of identification cards (IDs) presumably account holders of AFPSLAI. His caption bears the same tone as elkapitan‘s. He’s even suggesting to replace the website administrator of the company.

AFPSLAI is known to be the provider of financial products and services to military and police officers, retirees and their immediate family. The institution is listed as private and is supervised by the Bangko Sentral ng Pillipinas.

Related Posts:

Pinoy LulzSec hacks CebPac’s GetGo; warns large data breach

Cebu Pacific Air’s rewards program GetGo was hacked earlier today by Pinoy LulzSec. In a statement released on their official Twitter account, the notorious hacking group warned that a “large data breach is coming”.

Led by kangk0ng, Pinoy LulzSec defaced the webapi subdomain of GetGo and hinted that they managed to access the active directory of the organization including its parent company – the low-cost airline Cebu Pacific.

GetGo was quick to take down the defaced page but the group secured a mirror copy as evidence of their attack.

As of this writing, Pinoy LulzSec has yet to announce when are they going to release more details about the supposed ‘data breach’.

The group also tagged the National Privacy Commission’s (NPC) official Twitter account to call the airline’s attention and issue a breach notification.

This article will be updated as soon as we get new developments about this news.


April 25, 2019 – Cebu Pacific Air released an advisory confirming the unauthorized access that happened in their GetGo application server. The said compromised server does not contain any credit card information. The company has since applied the necessary security measures.

April 25, 2019 – NPC also released a press statement detailing the initial reports sent by Cebu Pacific to their office.

Related Posts: