The official website of the Philippine House of Representatives was temporarily defaced by unauthorized actors on June 13, prompting an incident response from the Department of Information and Communications Technology (DICT) and renewed scrutiny of cybersecurity protections across government digital platforms.

According to the DICT Cybersecurity Bureau and the National Computer Emergency Response Team (NCERT), the incident involved unauthorized modifications to publicly accessible portions of the House website, congress.gov.ph. Authorities said the affected pages contained only publicly available information, with initial assessments finding no evidence that confidential government data or sensitive systems were compromised.

The website has since been restored, while investigations remain ongoing.

A Second Legislative Website Targeted Within Days

The incident follows similar defacement attacks reported against the Senate website earlier in the week, raising concerns about a possible pattern targeting government institutions.

While the attacks appear limited to website defacement rather than data theft or operational disruption, cybersecurity experts often view such incidents as indicators of broader vulnerabilities that could potentially be exploited in more damaging attacks.

Reports linked the activity to groups identifying themselves as hacktivists, with messages reportedly containing protest-oriented or anti-corruption themes.

Authorities have not officially attributed the attacks to any specific organization.

What Website Defacement Actually Means

Website defacement occurs when unauthorized actors gain access to a web platform and alter its appearance or content.

Unlike ransomware attacks or database breaches, the primary objective is often visibility rather than financial gain.

Hacktivist groups frequently use defacements to draw attention to political, social, or ideological causes.

Although such incidents may not always involve theft of information, they can expose weaknesses in security controls, access management, software maintenance, or website infrastructure.

In many cases, cybersecurity teams treat website defacements as warning signs requiring deeper investigation.

DICT Launches Response and Investigation

Following notification of the incident, DICT and NCERT activated incident response procedures and coordinated directly with the House of Representatives to contain and remediate the issue.

According to government statements, efforts focused on restoring normal operations, assessing potential impacts, and implementing additional security measures to prevent similar incidents.

DICT also reiterated that website defacement remains a punishable offense under the Cybercrime Prevention Act of 2012 and said it is coordinating with law enforcement authorities to identify those responsible.

“The DICT remains committed to safeguarding the country’s critical information infrastructure,” the agency said in a statement.

A Growing Challenge for Public Sector Cybersecurity

The incident arrives as government agencies continue expanding digital services and online platforms.

From e-government portals and digital identity initiatives to cloud-based systems and online public services, the public sector’s digital footprint has grown significantly in recent years.

That expansion creates new opportunities for efficiency and accessibility, but it also increases the number of potential targets for cybercriminals, hacktivists, and other malicious actors.

Recent incidents affecting legislative websites highlight the importance of maintaining strong cybersecurity practices across all levels of government infrastructure, including public-facing systems that may appear less critical than internal networks.

At present, there is no indication that the House incident resulted in a broader breach, compromise of sensitive information, or threat to national security systems However, the timing of multiple attacks against legislative websites within the same week is likely to intensify discussions around cybersecurity preparedness, vulnerability management, and digital resilience across government agencies.

As investigations continue, the episode serves as another reminder that cybersecurity challenges increasingly extend beyond protecting data, they also involve preserving public trust in digital institutions and services.

‍