Filipino telecom giant Globe inadvertently leaks personal data of 8,851 subscribers

• The data exposed in the leak includes customers’ names, full postal addresses and email addresses.
• The personal data of these subscribers was sent to the wrong recipients.

Prominent telecom industry in Philippines, Globe, has unknowingly leaked private data of 8,851 customers due to a human error. The personal data of the subscribers were sent to the wrong recipients.

This exposed customers’ sensitive data such as their names, full postal addresses, and email addresses.

What happened?

The issue came into the light when some of the Globe users started tweeting about receiving missent emails.

According to a report from BestVPN.com, Globe had sent out confirmation emails to the registered users as a part of a registration process for a recent promotion campaign. However, the newly registered users and their email addresses got mismatched and they received confirmation emails meant for another user.

Globe has confirmed about the data leak through a post on Facebook.

“Globe Telecom has rectified the issue with affected customers on sending wrong confirmation receipt to another individual and reported the incident to the National Privacy Commission in compliance with regulatory requirements. It was just a case of sending the data registration confirmation receipt to the wrong individual and was not sent en masse or as a group of data” said the notification posted by the firm.

“It only affected prepaid customers who have registered to the On The List program to avail of concert tickets and other music venues of Globe events. About 8,851 customers were affected out of 60 million prepaid customers.”

Actions taken

Upon discovery, the firm was quick at taking action and immediately removed access to potential registrants at the time. It has also informed both the National Privacy Commission (NPC) and the affected customers about the incident.

The NPC is currently evaluating the incident and verifying the information provided to them by the firm. Customers are advised to monitor their online and offline accounts for any suspicious activity. They are also required to change passwords and be careful of phishing attempts.