The Philippines recorded a sharp 49 percent increase in data breaches in the third quarter of 2025, exposing more than 52 million credentials in just three months, according to Viettel Cyber Security (VCS).
The figures were released in the Vietnamese company’s Q3 2025 Cyber Threat Landscape Report, during Cybersecurity Awareness Month.
The report highlights how the country’s rapid digital transformation is outpacing its cybersecurity defenses. VCS is the first private company to release a quarterly cybersecurity assessment dedicated to the Philippines.
“Cybersecurity isn’t about fear, it’s about foresight,” said Thomas Luu, country manager at Viettel Cyber Security. “As the Philippines accelerates towards digitalization faster than ever, the importance of security must not be overlooked. Organizations who innovate without the necessary protection in place become vulnerable to risks. Cybersecurity isn’t just a safeguard—it’s an enabler of sustainable digital growth.”
The report warns that artificial intelligence and deepfake technologies are redefining cyberattacks. Criminals are using AI-generated videos, cloned voices, and fake executive communications to deceive employees and partners, while AI-assisted malware makes attacks faster, more targeted, and harder to detect.
VCS recorded 76 data breach incidents in Q3, up from 51 the previous quarter, along with 4.3 million compromised accounts—a 73 percent increase. Phishing attacks reached 7,656, with nearly a third targeting the banking and finance sector. Investigators also found 27 new vulnerabilities across widely used workplace platforms.
Healthcare emerged as the most targeted sector, with cybercriminals exploiting the value of patient data and the growing use of digital health systems. Ransomware attacks have disrupted hospitals and clinics, compromising sensitive medical records. Finance and e-commerce firms remain heavily targeted by phishing and credential theft, while manufacturing, energy, and public services face rising risks from ransomware, supply-chain breaches, and advanced persistent threats.
Beyond large institutions, everyday Filipinos are also falling victim to cybercrime. Stolen personal data is being reused in fake job postings, e-commerce scams, and fraudulent loan applications. Small businesses have reported phishing invoices disguised as legitimate supplier messages.
To build resilience, Viettel Cyber Security recommends regular patching, offline data backups with recovery plans, continuous employee training, and 24/7 threat monitoring or managed Security Operations Center (SOC) services.
“Cybersecurity has become a marker of leadership and trust, especially in an increasingly digital economy,” said Luu. “At Viettel Cyber Security, we partner with organizations to build resilience through managed SOC services. Our SOC empowers businesses to enhance operational efficiency and security management, helping them overcome workforce constraints while ensuring 24/7 protection against evolving cyber threats.”
