The Philippines’ top cybersecurity official has confirmed that alleged hackers have infiltrated the Department of Information and Communications Technology (DICT), raising concerns over internal sabotage and data breaches within the agency tasked with defending the nation’s digital infrastructure.

DICT Secretary Henry Aguda made the admission during an interview on DZRH’s Dos por Dos radio program on June 19, telling anchors Anthony Taberna and Gerry Baja that individuals within the agency have been identified as possible threats.

“May mga nakita na kami. Mayroon na kaming tinatawag na mga persons of interest na tina-trabaho na po ng aming CICC group,” Aguda said, referring to the Cybercrime Investigation and Coordinating Center.

Pressed by Taberna to confirm the allegation, Aguda replied: “May ganoon nga po. Kinokolektahan na namin ng mga ebidensiya… Binabantayan na po namin sila. At mayroon na kaming case buildup sa mga iyan.”

Aguda said the presence of insider threats was uncovered after an internal audit initiated under his leadership. He said case build-up is underway and emphasized the seriousness of the breach, which he tied to flawed hiring practices.

“Nagsisimula ang hacking sa internal problem, yung maling hire ng tao — yan ang maaaring mang-hack s’yo,” he said.

The disclosure has drawn reactions across the tech and cybersecurity community, with concerns of a broader national security breach.

“This isn’t just alarming, it’s a national security breach happening from within,” said Art Samaniego, tech support professional and co-founder of Scam Watch, in a Facebook post. He noted that Taberna had named a person known as “Clammer” during the interview.

However, not all officials welcomed the sweeping allegations. Jeffrey Ian Dy, former DICT undersecretary, defended the agency’s core cybersecurity units, cautioning against discrediting the entire organization.

“To insinuate that the group who has been, in large, successfully defending government against hackers in the past three years are themselves ‘saboteurs’ is not only a stretch, but outright unfair,” Dy said.

He pointed to a series of defensive wins by the DICT’s Cybersecurity Bureau (CSB) and the National Computer Emergency Response Team, citing their role in thwarting millions of attacks and helping other agencies recover from major breaches, including those involving the Office of the President, the Philippine Coast Guard, and PhilHealth.

Dy acknowledged the possibility of a few rogue individuals but urged the public to consider the institution’s broader track record. “Assuming one or two are rotten… we cannot discount the fact that CSB… was and is successful in defending against multiple attacks, including advanced state-level attacks.”

DICT, through its affiliated centers, continues to coordinate with national security agencies and law enforcement to monitor and address the threat.