Romblon State University (RSU) is battling to regain control of its official Facebook page after hackers infiltrated the account on Wednesday afternoon, May 30, 2024. 

The university said in a statement that they discovered the compromise around 4 p.m. and have since been working to reclaim ownership.

“Upon realizing the breach, we promptly submitted an appeal to Meta in an effort to regain control of the page,” the RSU Media and Public Affairs Office stated on May 29.

The university believes the hackers gained access through a “Claim of Ownership” request, a tactic where an unauthorized individual tricks Facebook into believing they are the rightful owner of the page.

This is the second social media security incident for RSU in a month. In late April, hackers breached the university’s internal system, stealing personal information of students and faculty.

University officials are urging the public to refrain from sharing any content currently posted on the compromised Facebook page. They are also asking for the community’s help in expediting the recovery process.

“We kindly ask for your cooperation in reporting the inappropriate content. Your reports will assist Facebook in expediting the review and resolution of our appeal,” the university said.

Meanwhile, the National Privacy Commission (NPC) has tightened its grip on data security with stricter rules. 

Companies must report data breaches within 72 hours to the government and affected individuals, with a new online system making the process faster.

The NPC wants to know right away, especially if a lot of people are affected (over 100) or if the leak involves sensitive information like financial details. In these cases, they need a report even if the company is not sure of all the details yet.

To make things easier, the NPC launched a new online system called the Data Breach Notification Management System (DBNMS) in April 2022. This is the only way to report breaches now, not via emails, filing forms, or sending snail mails.

RSU did not specify the nature of the “unrelated content” being posted by the hackers. The university did not say how long it might take to regain control of the Facebook page.