A data breach that affected over 200,000 records of Parents and students has been discovered by Jeremiah Fowler, a Cybersecurity Researcher. It was found in a database that was not password protected and was connected to the government’s Online Voucher Application Program (OVAP), which provides financial aid to students. The breach included sensitive files containing personally identified information (PII) of students and parents, specifically the Senior High School Program for School Year 2020-2021 (SHS around that school year).
During the application process, student families are required to submit tax documents revealing private financial information, like pay stubs and income details. This also included detailed information from applicants, such as full names, birth data, income, addresses, photos of Identifications, properties owned, and family details, who were potentially at risk. The records were found unsecured, raising concerns over potential unauthorized access to sensitive data.
With the recent email, however, The Private Education Assistance Committee (PEAC) has already discovered the issue on January 5, 2024, and has taken steps to secure the data and investigate the incident. They are cooperating with the National Privacy Commission (NPC) and have submitted a full report. PEAC emphasizes its commitment to data privacy and security and will use this incident to improve its systems and protect information.
Despite this, questions remain about the duration of exposure and the extent of any unauthorized access.
Sources:
https://dailyguardian.com.ph/data-of-students-and…/
https://mindanaotimes.com.ph/over-200-k-student-and…/
Know more about APC at https://apc.edu.ph