(Eagle News)—The National Privacy Commission said on Saturday, Jan. 19, that it was investigating the data breach affecting data of the clients of remittance and pawning firm Cebuana Lhuillier.
In a statement, NPC Commissioner Raymund Liboro said this was following the firm’s report of the breach on Friday, Jan. 18, that may have reportedly led to the leak of personal information that include the mobile number, names, birth dates, email addresses and even income data of around 900,000 clients.
“Cebuana Lhuiller informed us that it has engaged the services of a third party information security service provider to handle their mitigation and response to this incident,” Liboro said.
He said at the meeting, the firm “committed to submit a more detailed report regarding the data breach.”
“Cebuana Lhuiller has 72 hours from discovery of a data breach to report the same to the Commission and affected data subjects. The data subject notification must be done individually, and not further expose the data subject to more harm,” he said.