The local hacking group, Pinoy Lulzsec, is at it again. Fresh from defacing a couple of websites yesterday, the group compromised one of the popular fast food chains in the country and dumped their data online for public consumption.
Data of customers who availed of the delivery service of Wendy’s Philippines from 2013 to present are now downloadable online after Pinoy Lulzsec breached the company’s website and obtain their database earlier today. Based on our initial assessment, over fifty thousand customers were affected. Customers’ names, email addresses, phone numbers, and company/home addresses are all easily accessible in the dumped database. Passwords for their Wendy’s online account are also made available publicly.
Wendy’s website is currently down. The company’s IT team might’ve temporarily shut their online services down as they work on the backend. The company has yet to release a statement about the latest breach.
Companies who have been breached are required to report to the National Privacy Commission (NPC) about the incident. Wendy’s Philippines may have already coordinated with the agency about this incident. We’ll keep you posted should there be any updates regarding this matter.
For the meantime, if you’re one of those who have registered for an account with Wendy’s Philippines, you may want to change your email passwords especially if you used the same credentials when you have registered for an account.
***
UPDATE:
As of May 2, 2018, NPC released an order (CIBN no. 18-058) in relation to Wendy’s data breach. A copy of the order can be found here: https://privacy.gov.ph/wp-content/files/pospp/CIDBN_18-058_ORDER_May022018.pdf.
Cidbn 18 058 Order May022018 Wendys Npc by Fjordan Allego on Scribd
- Phishing Email Analysis Landing Page - September 19, 2024
- BPI to hold Cybersecurity Conference to ‘Fortify Cyber-Resilience in an AI World’ - July 25, 2024
- New Smishing Campaign makes use of Globe SMS Sender ID - May 27, 2024