Ransomware victim disclosure
← All victimsDuty Free Philippines
Claimed by Vicesociety · listed 4 years ago
Status timeline
- ListedJan 7, 2023
- Data leakeddate unknown
At a glance
- Group
- Vicesociety
- Status
- Data leaked
- Country
- Philippines
- Sector
- Retail & Consumer
- Listed on leak site
- Jan 7, 2023
About the victim
AI dossier — public-source company profileDuty Free Philippines Corporation (DFPC) is a Philippine government-owned and controlled corporation tasked with operating the duty- and tax-free merchandising system in the Philippines. Its mandate is to augment service facilities for tourists and to generate foreign exchange and revenue for the Philippine government. It operates retail outlets catering primarily to international tourists and returning residents.
- Industry
- Duty-Free Retail & Government Tourism Commerce
Attack summary
Severity: high — DFPC is a government-owned corporation, meaning exfiltrated data likely includes sensitive government financial records, employee PII, and operational data. The 'data_published' status confirms exfiltration rather than encryption-only, elevating severity; however, absence of confirmed medical or large-scale regulated PII detail keeps it at high rather than critical.Vice Society claims to have compromised Duty Free Philippines and has published data, though no specific data size or ransom demand was stated. The disclosure status indicates data has been published, suggesting exfiltration of company files.
Data the group says was taken
AI dossier — extracted from the leak post- Internal company documents
- Government corporation records
- Potentially employee PII
- Potentially financial/revenue data
What the group claims
Duty Free Philippines - In the service of Philippine Tourism. As a government corporation, DFPC is tasked to operate the duty-and tax-free merchandising system in the Philippines to augment the service facilities for tourists and to generate foreign exchange and revenue for the government.
Sources
- Victim sitedfp.com.ph/
Source
Indexed 4 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

