Hackers break into Jollibee
Internal probe starts
‘We take this matter seriously and have launched an investigation to better understand the scope of the incident. We have implemented response protocols in addition to enhanced security measures to further protect data against threats’
The country’s biggest chain of restaurants, Jollibee Foods Corp., and its restaurant subsidiaries were the latest victims of a data breach, affecting 11 million individuals including customers, the National Privacy Commission (NPC) confirmed on Monday.
“On 22 June, Saturday at 11:38 a.m., the NPC received notification from Jollibee Group of possible unauthorized access to its data lake, which holds data for all companies in the group,” the NPC statement said.
According to the NPC, the compromised data include sensitive personal information, particularly dates of birth and senior ID numbers.
“Approximately 11 million data subjects are affected, the majority of whom are Jollibee customers. Other impacted brands include Mang Inasal, Red Ribbon, Chowking, Greenwich, Burger King, Yoshinoya, and Panda Express,” it said.
Further, Jollibee Foods Corp. has requested an additional 20 days to complete its internal investigation.
On Saturday, Jollibee said it was addressing “a cybersecurity incident” that reportedly affected the company, “in addition to other companies.”
“We take this matter seriously and have launched an investigation to better understand the scope of the incident. We have implemented response protocols in addition to enhanced security measures to further protect data against threats,” it added.