The Cybercrime Investigation and Coordination Center (CICC) and the Department of Information and Communications Technology (DICT) eGov development team advise cybersecurity enthusiasts to exercise caution when reviewing information about data breaches on the Breach forums, as highlighted by the recent fake eGovPH hack post.

CICC Executive Director Alexander K. Ramos revealed that the alleged eGovPH data breach in the Breach Forums is nothing more than a false allegation of hacking.

“The Breach Forums user named GR3GGM3RC3R who we are investigating and who claimed to have hacked the eGovPH app is a scammer and not a real hacker. He is attempting to defraud forum members by falsely claiming to possess sensitive data,” Ramos said.

David Almirol, DICT Undersecretary for Electronic Government, who is leading the development of the eGovPH application, assured the public that the eGovPH application is reinforced with multiple security measures, ensuring its security.

“Besides the eGovChain encryption and security of the eGovPH app, we also have a key attached for each data, which is an additional security measure,” Almirol explained. “If someone claims to have hacked the system but cannot provide the key, their claim is false,” Almirol added.

Breach Forums is an infamous Dark Web platform that gained notoriety as a hub for cybercriminals and hackers to trade stolen data and illicit digital goods. Often operating in the shadows of the dark web or through anonymized platforms, Breach Forums facilitates the sale of sensitive information such as personal identities, financial details and corporate data obtained through cyberattacks, phishing campaigns or ransomware operations. This market allows cybercriminals to profit from their illegal activities, contributing to a dangerous ecosystem of data breaches and identity theft.

Ramos said he received information that the Breach Forums user GR3GGM3RC3R he is investigating had been banned for scamming. “Using an anonymizer, some affected users contacted the account holder to request data samples to verify the alleged eGovPH violation. However, the scammer was unable to provide the requested evidence, thus exposing this claim as a hoax,” Ramos said.

“As concerned users reported this incident to the platform, Breach Forums permanently banned the fake hacker GR3GGM3RC3R to prevent him from misleading others with non-existent data. Known for extorting Bitcoin payments by leveraging fraudulent claims, this scammer’s modus operandi involves intimidating victims by alleging access to personal information, often obtained from questionable or fabricated sources,” Ramos added.

Almirol said Breach Forums thrives on enabling illegal activity but, paradoxically, enforces its code of conduct to preserve its credibility and functionality.

“We are coordinating with the CICC because the existence of Breach Forums on the dark web highlights the critical need for strict cybersecurity measures, international cooperation to combat such platforms and the broader cybercrime ecosystem that they support,” Almirol said.

Filipino cybersecurity group Deep Web Konek reported on its blog the false data breach claim posted on the Breach forums by now-banned user GR3GGM3RC3R, sparking concerns within the cybersecurity community.

Comments