Uber PH has not outlined the data exposed in the leak
The National Privacy Commission (NPC) has confirmed that drivers and passengers of Uber in the Philippines were among the users who had their personal information exposed in a massive data breach last year.
“Yesterday, Uber wrote to us in compliance with their commitment to provide more detailed information about their data breach of October 2016,” NPC Commissioner Raymund Enriquez Liboro said in a statement.
“In that letter, Uber confirmed to us that personal information of Filipinos was exposed in the data breach. As such, the National Privacy Commission has jurisdiction over the data breach insofar as it affects these Filipino citizens,” he added.
The data breach was perpetrated last year in October, which saw the personal information of 57 million Uber users around the world held hostage by two hackers. Then CEO Travis Kalanick paid the hackers $100,000, and instructed them to delete the information and keep the breach quiet.
The hack was only revealed a few days ago when current CEO Dara Khosrowshahi revealed the breach during an interview with Bloomberg.
Even now, Uber has not shared any information about the breach and the scope of how it affects Philippine-based riders and drivers.
“Unfortunately, Uber failed to provide the level of detail that we expect from personal information controllers about data breach notifications, such as the number of Filipinos affected, and the scope of their exposure,” Liboro said.
“If so qualified, those responsible for the concealment of the breach and for the exfiltration of the data may face serious civil and criminal liability,” he said.
“We are not here to merely prosecute offenses against data privacy, but to work with all stakeholders to ensure that we keep moving toward a safer data ecosystem where data flows freely and securely,” he added.
All Credit Goes There : Source link