The National Bureau of Investigation (NBI), the Philippines’ premier investigative agency, has been struck by a massive data breach, raising concerns over the privacy and security of millions of citizens. A hacker operating under the alias ‘Zodiac Killer’ has taken responsibility for the leak, which allegedly comprises over 3.6 GB of data spanning 2016 to 2024.
The leaked dataset reportedly includes more than 45 million rows of information, with records detailing full names, addresses, transaction IDs, contact details, and even location-specific data of individuals. Particularly alarming is the inclusion of password-protected files, suggesting that sensitive internal records of the NBI might also have been compromised.
The hacker claims the data breach stems from systems linked to NBI clearance applications and financial transactions, crucial services for employment, travel, and legal proceedings. The exposed fields indicate a significant compromise of systems that handle background checks, clearance issuance, and related activities.
The individual behind this cyberattack, known as ‘Zodiac Killer,’ is a new entrant to the dark web ecosystem, with their account created as recently as January 2025. In their single post, they announced the breach, sharing compressed files via file-sharing platforms like Mega.nz.

While the hacker’s motives remain unclear, their calculated approach suggests a deliberate and targeted attack against the NBI, reports Kukublan Philippines.
If verified, the consequences of this breach could be dire. The data in question is highly sensitive, and its exposure could lead to identity theft, financial fraud, and national security concerns.
Despite the gravity of the situation, the NBI has yet to release an official statement addressing the breach, leaving citizens and stakeholders anxious about the next steps.
India has also been facing significant pressures regarding cyber security. Recently, the State Child Protection Society of Madhya Pradesh has been targeted by the FunkSec ransomware, exfiltrating 2 GB of sensitive data.
Moreover, threat actors also targeted Indus Tower, India’s telecommunications giant, was targeted by the Medusa group, which is demanding a ransom of $500,000. Additionally, India’s EdTech platform Wissenhive had fallen prey to the FunkSec ransomware group.
In the News: Dark web drug marketplace, DrugHub, exposes IP address