Fast food giant Jollibee Group suffered a major data breach, compromising the personal information of a staggering 11 million customers.
The National Privacy Commission (NPC) confirmed the incident on Monday, June 24th, after being notified by Jollibee on June 22.
The breach involved unauthorized access to Jollibee’s data lake, a central repository housing information for all its subsidiaries, including Mang Inasal, Red Ribbon, Chowking, Greenwich, Burger King, Yoshinoya, and Panda Express.
While the full extent of the damage is still under investigation, the NPC revealed that compromised data includes sensitive details like birth dates and senior citizen ID numbers.
Jollibee Foods Corporation requested an additional 20 days to complete its internal investigation.
This incident marks the latest in a string of data breaches reported to the NPC. Earlier this month, similar breaches were disclosed by HMO provider Maxicare, car manufacturer Toyota, real estate developer Robinsons Land, and wholesale membership shopping club S&R.
If you suspect that you might be affected by any data breach, contact the data protection officers of the relevant companies and report the incident to the NPC as well.
Source: 1, 2
Image: Jollibee (YouTube)