The website of Pamantasan ng Lungsod ng Pasig (PLP) has been hacked today. KENT of PHC Cyber Sec is responsible to the attack based on his and his group’s social media posts, and on the message that he left on the website.
KENT is known to compromise websites to alert web administrators of the security issues of the domains that they’re managing. Last year, KENT defaced four Honda Cars Philippines websites – Fairview, Manila, Marikina and Quezon City. Back in 2017, he also hacked the provincial council website of Occidental Mindoro. All these acts share the same message from the hacker – that the websites are not secured and that they need to protect the data stored in it.
As for PLP’s website, it seemed like it’s been abandoned since late last year. There wasn’t any recent update. Even it’s News and Articles’ latest post is dated November of 2019. Either there was no person in-charge in maintaining the website or the contract for any third party service that they may have procured to maintain it already ended.
We would understand if the local government unit of Pasig won’t prioritize this issue at this point. Obviously, they need to focus all their resources in the on-going battle against the COVID-19 pandemic. But, if Pasig City has an IT person hired to maintain this website, then that personnel needs to do his job by fixing the underlying security issues.
Just last week, Pasig City Public Information Office’s official Twitter account was reportedly hacked. Per Mayor Vico Sotto, the hackers posted pornographic content on their Twitter account. The account was quickly recovered.
Apart from PLP, KENT also recently defaced the websites of IT firm CoastalTech, consulting service provider MRC Group, lifestyle website Jinni, business solution distributor Global POS, online merchant Shooter Station, and the domain Valerio[.]ph.
We will contact PLP President’s Office via the email address mentioned on their website to inform them of this security incident. We will also try to reach via Pasig City’s official social media accounts and the other defaced websites.
- Phishing Email Analysis Landing Page - September 19, 2024
- BPI to hold Cybersecurity Conference to ‘Fortify Cyber-Resilience in an AI World’ - July 25, 2024
- New Smishing Campaign makes use of Globe SMS Sender ID - May 27, 2024
HAHAHA si KEnt nichin hahaha batang tondo yan