It can be remembered that the National Privacy Commission (NPC) ordered Jollibee Foods Corporation earlier this year to shut down their online delivery platform jollibeedelivery.com due to identified critical vulnerabilities that the company has yet to address. The agency’s suspension order is reported to be ‘indefinite’ until such time that the company fully addressed the issues that could lead to massive data breach.
NPC’s order does not include the official website of the fast food giant but it seemed like the agency needs to expand their audit to include all other online services of the company. A report sent to us confirmed that a hacker recently managed to deface a subdomain of Jollibee. As of this writing, we have yet to confirm if the attack was just a mere defacement or a full-blown data breach but that doesn’t change the fact that unauthorized entities were able to penetrate the company’s online platform.
X-m3n of the notorious hacking group Pinoy Lulzsec toyed with Jollibee’s subdomain eventually defacing the page.
We checked the group’s social media accounts to follow their press releases about this recent attack and found a post where Pinoy LulzSec was just laughing at the company.
We will get in touch with Jollibee to get their side on this and also to take down the page as it has been up for more than two weeks now.
- Phishing Email Analysis Landing Page - September 19, 2024
- BPI to hold Cybersecurity Conference to ‘Fortify Cyber-Resilience in an AI World’ - July 25, 2024
- New Smishing Campaign makes use of Globe SMS Sender ID - May 27, 2024