The Philippines recorded 624,400 leaked user accounts in the first quarter of 2026, ranking 21st globally in terms of data breaches, according to a quarterly analysis by a cybersecurity company.
Surfshark said the figure represents a 76.8% increase compared to the previous quarter of 2025, with an estimated five Filipino user accounts leaked every minute between January and March 2026.
The analysis noted that 51% of breached users are potentially at risk of account takeover, which may lead to identity theft, extortion, or other cybercrimes. It also said that, statistically, an average Filipino has been affected by at least one data breach, placing the country among the highest exposure rates in the region at fourth.
Since 2004, the country has recorded 155.6 million compromised user accounts, making it the second most affected in Southeast Asia. A total of 57.6 million unique email addresses and 79.1 million passwords linked to Filipino accounts have been exposed over the same period.
The report also pointed to a broader global trend, with breached accounts worldwide tripling in the first quarter of 2026 compared to the same period in 2025, and increasing by 22% from the previous quarter.
It also highlighted the rapid adoption of artificial intelligence as a possible contributing factor to the expanding digital attack surface. In 2025, 20.2% of companies reported using AI, up from 8.7% in 2023.
According to Tomas Stamulis, Chief Security Officer of Surfshark, increased AI adoption has made digital systems more complex and harder to secure.
“These AI-driven systems also collect and log more detailed user information for automation, analytics, and model improvement. While this improves the company’s efficiency, it also means there are many more systems for businesses to secure, more opportunities for error, and more points where sensitive information such as user credentials and personal data can be exposed. As a result, hackers now have a larger and more complex environment to exploit and execute attacks, including data breaches,” Stamulis said.
He also raised concern over companies requiring users to create accounts and submit personal information even when not necessary.
“For people, a data leak means their personal information is forever on the internet. It’s not a one-time threat that disappears after a user changes their compromised email address and password. It becomes a constant security risk as hackers reuse leaked data, package it into ‘combo lists,’ combine it with new leaks, and resell it repeatedly,” he said. “So even after 10 or 20 years, leaked data is still valuable and can be used against a user to commit fraud, gain access to more data, and steal money.”
Users were advised to practice stronger data hygiene, including limiting the use of personal information online and using alternative identities or email masking services where possible.
