DENR mining bureau hit by alleged 21GB breach, Deep Web Konek says
- Deep Web Konke, DENR
-
Photo courtesy of Pixabay
The Mines and Geosciences Bureau (MGB), an agency under the Department of Environment and Natural Resources (DENR), is facing an alleged 21-gigabyte (GB) data breach, according to a report by cyber threat monitoring group Deep Web Konek.
The claim was made by a threat actor using the alias “PIEYAYA,” who identified themselves as a community member of “DeathNoteHackers”.
The same hacking group also previously identified itself as being behind the recent alleged data breach involving the National Telecommunications Commission (NTC).
In its July 18 report, Deep Web Konek said the threat actor posted the latest claim on a cybercrime forum through an account identified as “[Citizen] DNH.”
“Today, I want to share my frustrations with DENR lately. Of course, we’re also dumping the data of the Mines and Geosciences Bureau (MGB) under DENR,” the actor wrote.
According to Deep Web Konek, the alleged leak contains around 2,900 documents with a compressed size of approximately 21 gigabytes. The files could reach about 25 gigabytes once decompressed.
The threat actor claimed that the exposed materials include survey data, permits, names, signatures, addresses, contact information, geolocation and logistics data, PDF documents, SQL database files, and images.

Courtesy of Deep Web Konek
The actor presented the alleged breach as a protest against the DENR’s handling of environmental and permitting concerns.
In the accompanying statement, the actor accused the agency of acting slowly on concerns raised by communities while allegedly processing permits involving corporations more quickly.
The post cited grievances involving an Aeta Indigenous community in Subic, tree-cutting activities along Quirino Avenue, and alleged water contamination in Nueva Ecija.
The authenticity, source, and full scope of the purportedly exposed files also remain unconfirmed.
“At the time reflected by the post, the claims remain those of the threat actor, and no independent confirmation of the authenticity, scope, or impact of the alleged data exposure is provided in the image,” said Deep Web Konek.
