Viettel Cyber Security reveals 52M credentials in data breaches in PH

CEBU – One of Asia’s leading cybersecurity firms--Viettel Cyber Security revealed that the Philippines’ exposure to cyber threats has expanded to a recorded 49 percent in data breaches, exposing over 52M credentials in just three months for the third quarter of 2025.

 

“Cybersecurity isn’t about fear, it’s about foresight. As the Philippines accelerates towards digitalization faster than ever, the importance of security must not be overlooked. Organizations who innovate without the necessary protection in place become vulnerable to risks. Cybersecurity isn’t just a safeguard—it’s an enabler of sustainable digital growth,” said Thomas Luu, Country Manager at Viettel Cyber Security.

 Luu, speaking at a Cybersecurity Awareness Month forum, released its Q3 2025 Cyber Threat Landscape Report that underscores how the country’s rapid digital transformation continues to outpace its defenses. This positions Viettel Cyber Security as the first private company to release a quarterly cybersecurity assessment specific to the Philippines.

According to Luu, the report showed how nature of cyber threats is rapidly changing with 76 data breach incidents up 49% from Q2’s 51 cases; 4.3 Million compromised accounts, a 73% rise from 2.5 million last quarter; 7,656 phishing attacks — with 31% aimed at banking and finance and 27 new vulnerabilities, found in various platforms which are used every day in workplaces.

The report said that the healthcare sector has emerged as the top target for cybercriminals, driven by the growing value of patient data and the increasing adoption of digital health systems. Hospitals and clinics have become prime targets for ransomware attacks that can disrupt critical operations and compromise sensitive medical information.

Other sectors facing heightened risk include finance and e-commerce, which continue to be exploited through phishing, credential theft, and data exfiltration. Meanwhile, manufacturing, energy, and public services are most exposed to ransomware, supply-chain compromises, and advanced persistent threats (APTs).

Beyond institutions, more ordinary Filipinos are becoming victims to these threats. Leaked personal data is being reused in fake job listings, e-commerce scams, and fraudulent loan applications. People who reuse passwords across accounts are especially vulnerable, while small businesses are being hit with phishing invoices disguised as messages from legitimate suppliers.

Luu noted that AI and deepfake technologies have begun to reshape the anatomy of cyberattacks. Cybercriminals now use AI-generated videos, cloned voices, and fake executive communications to deceive employees and partners. Combined with AI-assisted malware, these attacks are faster, more targeted, and harder to detect—ushering in an era where deception has become industrialized.

The Need for Cyber Resilience

Viettel Cyber Security recommends a four-pronged strategy for companies to stay resilient amid growing cyberthreats. This includes regular patching and software updates to close known vulnerabilities, maintaining offline data backups supported by clear disaster recovery procedures, and continuous employee training to enhance awareness and minimize human error. Equally vital is round-the-clock threat monitoring or the use of managed Security Operations Center (SOC) services to ensure early detection and quick response to potential breaches.

“Cybersecurity has become a marker of leadership and trust, especially in an increasingly digital economy. At Viettel Cyber Security, we partner with organizations to build resilience through managed SOC services. Our SOC empowers businesses to enhance operational efficiency and security management, helping them overcome workforce constraints while ensuring 24/7 protection against evolving cyber threats,” Luu said.

To learn more about the Viettel Cyber Security and the Cyber Threat Landscape Report, visit https://viettelsecurity.com.