We want to inform everyone that three Philippine universities recently experienced data security incidents:
1. Naga College Foundation Inc. (Aug 20)
Suspected data breach. The school has already reported the incident to the privacy regulator.
2. University of San Carlos (Aug 21)
A personal data breach occurred after students received phishing emails. IT system vulnerabilities were found. The threat actor claims 155,000 student records were affected (full names, addresses, dates of birth, LRN).
3. University of the Philippines Mindanao (Aug 23)
A personal data breach affected 19,000 student and faculty records, including personal details, enrollment data, and email addresses.
With this, we again urge everyone in the DLSZ Community (students, Lasallian Partners, parents, alumni, and external service personnel) to remain vigilant against phishing activities.
- Check the email address of the sender, not just the sender’s name.
- Do not reply to suspicious emails and do not click links.
- Do not provide any personal data, login credentials (e.g., username and password), or other sensitive information via a link, text, or call.
- Report all suspicious emails sent to your DLSZ accounts to the DPO at dataprivacy@dlszobel.edu.ph and to the ISTS at ists@dlszobel.edu.ph
We expect that all database administrators must ensure the utmost security of all personal data at all times, such as using strong passwords, ensuring controlled access to data, and encrypting data, among others.
Thank you for your cooperation.