Uber data breach affected 171,000 Filipinos NPC.
MANILA, Philippines Personal data of an estimated 171,000 Filipinos were exposed in the massive data breach that hit mobile ride hailing application Uber last year, according to the National Privacy Commission. NPC chairman Raymund Liboro yesterday said Uber has made public additional information about the breach, which is believed to have exposed personal data of over 57 million people worldwide.
"We were informed that around 171,000 Filipino citizens consisting of drivers and passengers were affected by the breach. We understand this to be based on the mobile phone numbers included in the registry," said Liboro.
"We were also informed that the exposure of the affected data subjects was limited to their registered name, e-mail address and phone number," he added. Liboro said they have summoned Uber officials in the country to look into their data processing operations to protect Filipino drivers and riders.
"We are looking at processes and procedures that Uber claims they have taken to ensure that this matter never happens again. We are paying particular attention to the steps taken to ensure that in the future, data breaches of this magnitude will not be concealed from regulators and from affected data subjects," he said.
Headlines ( Article MRec ), pagematch: 1, sectionmatch: 1 "We have received reports of irregular processing following the report of the breach, but we are still investigating these claims and their link to the 2016 data breach incident," added Liboro. He reiterated that concealment of data breaches is a criminal offense under the Philippine data privacy law, but NPC has yet to comment on whether or not a criminal case will be filed against Uber.
Uber earlier confirmed that a massive data breach happened last year and that it was concealed by its former chief security officer and one of his deputies. Reports also noted that the officials, who have since left the company, had paid a hacker to recover the stolen data.
The NPC said it is in close coordination with its counterparts in other countries, particularly the Federal Trade Commission of the US, to fully investigate the extent of the breach. Richmond Mercurio