NPC orders Wendy’s PH and Jollibee to take actions against data breach
Two of the country’s largest fast food chains, Wendy’s Philippines, and Jollibee were ordered by the National Privacy Commission (NPC) to take actions against data breach.
In a report by ABS-CBN, Wendy’s Philippines suffered a breach on its website on April 23. On April 26, the fast-food chain notified the commission that its website was infiltrated and that personal data has been exfiltrated, which could include the subject’s name, email address, contact number, and address.
National Privacy Commission issues order obliging Wendy’s Philippines to promptly notify data subjects affected in the breach & wholesale leak of its database last April 23. pic.twitter.com/6GCRzGANUR
— Jacque Manabat (@jacquemanabat) May 4, 2018
The NPC issued an order on May 2, asking Wenphil Corporation to notify its users of the data breach; provide a copy of the server logs, network logs, and traffic logs of its website prior to the breach; and conduct a new Privacy Impact Assessment.
In a report by the Manila Bulletin, Jollibee encountered a similar issue after the initial investigation showed attempts of a data breach. The NPC is coming out with a comprehensive order asking Jollibee to implement an immediate corrective measure either today or by tomorrow.
The National Privacy Commission is the country’s privacy watchdog; an independent body mandated to administer and implement the Data Privacy Act of 2012 and to monitor and ensure compliance of the country with international standards set for data protection.