(Eagle News)–The National Privacy Commission (NPC) has begun its probe into a reported data breach following an attack on the websites of government organizations and others on April 1.
In a statement on Tuesday, April 23, the NPC said it summoned on Monday officials of the Department of Education (DepEd) offices in Bacoor and Calamba, the province of Bulacan, Taguig City University, the Philippine Carabao Center, Republic Central Colleges in Angeles City and the Laguna State Polytechnic University.
They were made to explain why they did not notify the NPC about the data breach that saw the personal information such as names, addresses, phone numbers, email addresses, and even passwords, of around 2000 subjects accessible via a link within 72 hours.
Under the Data Privacy Act of 2012, Personal Information Controllers “are required to employ organizational, technical, and physical measures to protect personal data,” NPC Commissioner Raymund Enriquez Liboro said.
“This includes the duty to inform data subjects and this Commission if there is a serious data breach,” he added.
