[BreachExchange] Philippine financial service firm flags data breach affecting 900, 000 clients

Audrey McNeil audrey at riskbasedsecurity.com
Tue Jan 22 10:57:56 EST 2019


https://www.reuters.com/article/us-philippines-cebuanalhuillier-data-idUSKCN1PD078

Cebuana Lhuillier, a Philippine financial service provider, said on
Saturday that the data of 900,000 clients had been accessed without
authorization and that it had already alerted authorities to investigate
the incident.

The breach came as Philippine investigators were looking into allegations
by the country’s foreign minister last week that a privately contracted
firm took away documents and data from the Department of Foreign Affair’s
passport database.

Cebuana Lhuillier, whose services include pawning, remittance,
microinsurance, and business to business micro loan solutions, said some
information like birthdays, addresses and sources of income, were affected
in the breach involving an email server used for marketing.

“It’s just a very small portion of our clientele. The main server
containing all clients of Cebuana Lhuillier remains protected and
uncompromised”, said Richard Villaseran, the company’s corporate
communications division head.

He added the company’s clients had been advised how to further protect
their personal information.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20190122/3cc18b27/attachment.html>


More information about the BreachExchange mailing list