GMA Network’s website (gmanetwork.com) has allegedly fallen victim to a significant ransomware attack. According to reports, the incident occurred yesterday, May 7, 2025, marking another high-profile target in the ongoing wave of cyber threats facing major organizations.
Attack Details
The ransomware group “DEVMAN” has claimed responsibility for the attack. Reports also indicate that approximately 65 gigabytes of data may have been exfiltrated from GMA Network’s systems during the breach. The attackers have demanded a ransom of 2.5 million USD for the recovery of the compromised data.
Security analysts familiar with the situation suggest that the breach likely involved both theft and encryption of sensitive information, though the specific nature of the compromised data remains unclear at this time. This dual approach—stealing data before encrypting it—has become an increasingly common tactic among ransomware operators, providing them with additional leverage in ransom negotiations.
Response and Consequences
Following the incident, GMA Network reportedly implemented an update to their website infrastructure in what appears to be an effort to address the vulnerabilities that may have facilitated the attack. However, these remediation efforts may have come too late to prevent the data exfiltration.
In a concerning development, sources indicate that the threat actors have now moved beyond ransom demands to offering the allegedly stolen data for sale to interested parties. This escalation represents a significant threat to both the organization and potentially to users whose information may be contained within the compromised datasets.
Broader Context
This incident comes amid a rising tide of ransomware attacks targeting media organizations worldwide. Such attacks not only threaten the operational capabilities of these organizations but also potentially compromise sensitive journalistic materials and audience data.
Cybersecurity experts continue to emphasize the importance of robust preventative measures, including regular security audits, timely patching of vulnerabilities, employee security awareness training, and comprehensive data backup strategies. The incident serves as a reminder of the persistent and evolving nature of cyber threats facing organizations across all sectors.
GMA Network has not yet issued an official statement confirming the full extent of the alleged breach at the time of this report. We’ve also reached out to the network for comments, but we’ve yet to receive a response.
Emman has been writing technical and feature articles since 2010. Prior to this, he became one of the instructors at Asia Pacific College in 2008, and eventually landed a job as Business Analyst and Technical Writer at Integrated Open Source Solutions for almost 3 years.
