Incident Overview

A threat actor operating under the handle "Abduljabar" is allegedly selling extensive email lists associated with multiple Philippine government agencies. The actor claims the data contains millions of email addresses from official government domains spanning various departments and administrative bodies.

The seller's post indicates availability of communication records for several key government organizations, though no sample data has been provided to verify the legitimacy of these claims. The actor has explicitly stated they will not provide samples but promises to provide proof of access to prospective buyers.

The alleged compromised agencies include:

• DSWD.GOV.PH: Department of Social Welfare and Development - millions of email addresses
• DEPEDS: Department of Education (various domains including DEPED ROXAS, DEPED ILO ILO, DEPED AKLAN, DEPED OLONGAPO, and more)
• DICT.GOV.PH: Department of Information and Communications Technology - millions of email addresses
• DOH.GOV.PH: Department of Health - 120,000 email records
• NCDA.GOV.PH: National Council on Disability Affairs - millions of email addresses

The threat actor appears to be targeting potential buyers through private messaging, directing interested parties to contact them at the provided domain address for negotiation and potential transaction.