171,000 Filipinos affected by Uber data breach, firm tells NPC
Around 171,000 Filipinos consisting of drivers and passengers were affected by the Uber personal data breach in 2016, the National Privacy Commission said quoting a report by Uber.
National Privacy Commissioner Raymund Enriquez Liboro said that based on the additional public information made available by Uber, the data is based on the mobile phone numbers included in the transport network company’s registry.
Uber however, said that the exposure of the affected data subjects was limited to their registered name, e-mail address, and phone number.
“We are looking now at the processes and procedures that Uber claims they have taken to ensure that this matter never happens again. We are paying particular attention to the steps taken to ensure that in the future, data breaches of this magnitude will not be concealed from regulators and from affected data subjects,” Liboro said.
In line with this, Liboro said, Uber has been summoned them to appear before the Commission to further explain their data processing operations particularly the organizational, technical and physical security measures Uber Philippines is implementing to protect Filipino drivers and riders.
Liboro has warned that the concealment of data breaches that involve sensitive personal information or data is a criminal offense.
According to Liboro, the commission has received reports of irregular processing following the report of the breach, but “we are still investigating these claims and their link to the 2016 data breach incident. As usual, we expect full cooperation from Uber on these matters.”