- Information that could have been affected in the breach includes birth dates, addresses and source of income.
- However, no transaction details or information were compromised in the incident.
Financial services firm Cebuana Lhuillier disclosed that it has suffered a breach that may have resulted in the compromise of personal information of around 900,000 of its clients.
Type of information compromised
Information that could have been affected in the breach includes birth dates, addresses and source of income. However, the firm has confirmed that no transaction details or information were compromised in the incident and that the firm’s main servers also remains safe and protected.
The company reported that the breach was discovered after they noticed a data breach in one of their email servers that were used for marketing purposes. Attempts to access the server was detected on January 15, although the firm claims that unauthorized downloads had taken place on the 5th, 8th, and 12th of August, 2018.
Upon discovery of the breach, Cebuana Lhuillier was quick at taking preventive measures. It informed the National Privacy Commission about the breach and worked with them in implementing safety measures to protect the personal data of clients.
"We are committed to ensuring the data privacy of our clients and adhere to strict security protocols in protecting our interests. We will provide additional information regarding the incident as soon as it becomes available,” said Cebuana Lhuillier in a statement, ABS-CBN reported.
As a part of the precautionary measure, the firm has also notified all affected clients and provided guidance on how to protect their personal data from future attacks. It has also urged its customers to change the passwords of their accounts.