NPC starts probe on Cebuana Lhuillier data breach

/ 03:41 PM January 19, 2019

MANILA, Philippines — The National Privacy Commission (NPC) on Saturday said it has started investigating the data breach that hit one of the email servers of Cebuana Lhuillier.

“This incident is now under investigation,” Privacy Commissioner Raymund Enriquez Liboro said in a statement.


According to Liboro, representatives of Cebuana Lhuillier sought the NPC’s assistance on Friday following the breach that affected some 900,000 of its clients.

Read more Data breach hits Cebuana Lhuillier, around 900k clients affected


Liboro added that Cebuana Lhuillier also assured the NPC of its cooperation in the conduct of the probe.

“At the meeting, they committed to submit a more detailed report regarding the data breach,” Liboro said.

“Cebuana Lhuiller informed us that it has engaged the services of a third party information security service provider to handle their mitigation and response to this incident,” he added.

Liboro however noted that the NPC is still waiting to receive additional details such as the scope and severity of the breach.

“Cebuana Lhuiller has 72 hours from discovery of a data breach to report the same to the Commission and affected data subjects. The data subject notification must be done individually, and not further expose the data subject to more harm,” he said.  /muf

Read Next
Don't miss out on the latest news and information.
View comments

Subscribe to INQUIRER PLUS to get access to The Philippine Daily Inquirer & other 70+ titles, share up to 5 gadgets, listen to the news, download as early as 4am & share articles on social media. Call 896 6000.

For feedback, complaints, or inquiries, contact us.

© Copyright 1997-2020 INQUIRER.net | All Rights Reserved

We use cookies to ensure you get the best experience on our website. By continuing, you are agreeing to our use of cookies. To find out more, please click this link.