171,000 Filipinos affected by 2016 data breach – Uber
MANILA, Philippines – About 2 weeks after confirming that Filipino users were affected by a 2016 data breach, Uber was able to specify the number of Filipino citizens affected in the incident: 171,000. The number consists of both riders and drivers, but no specific breakdown of each category has been provided. (READ: Uber confirms PH users affected by massive data breach)
The National Privacy Commission (NPC) announced Uber's findings in an email statement on Friday, December 15.
Uber arrived at the number based on the mobile phone numbers included in the service's registry. Aside from these phone numbers, only the affected data subjects' registered name and the email address were exposed, Uber said. This is in line with past statements where Uber said that information such as trip location history, credit card numbers, bank account numbers, or dates of birth were not accessed and downloaded.
The NPC said it's continuing their investigations and was now looking at procedures that Uber claimed it had implemented to prevent future incidents like this, as well as, measures Uber can take to protect Filipino users. They were also looking at steps to ensure that potential data breaches in the future were not concealed from regulators and users of the service.
The NPC also said that they received "reports of irregular processing following the report of the breach" – claims that the NPC said they were still investigating. Uber's Philippine arm has been summoned to appear before the commission to further explain the said details.
Over 57 million were affected globally by this October 2016 data breach, which Uber kept a secret, and for which they paid the hackers $100,000 to destroy relevant data. The hacker, according to a Reuters report, is a 20-year-old man from Florida described by one source as still “living with his mom in a small home trying to help pay the bills,” but one whose full identity remained a mystery. – Rappler.com