(Eagle News) — Over 100,000 people in the Philippines were affected by an Uber data breach last year, the National Privacy Commission said.
In a statement on Friday, the NPC said that the 171,000 consist of drivers and passengers, based on additional information provided by Uber itself.
“We were also informed that the exposure of the affected data subjects was limited to their registered name, e-mail address, and phone number,” NPC Commissioner Raymund Enriquez said.
According to Enriquez, the NPC has summoned representatives of Uber Philippines so they could “further explain their data processing operations particularly the organizational, technical and physical security measures Uber Philippines is implementing to protect Filipino drivers and riders.”
He said they have “received reports of irregular processing following the report of the breach.”
“But we are still investigating these claims and their link to the 2016 data breach incident,” Enriquez said.
He said as of now, they were looking at “the processes and procedures that Uber claims they have taken to ensure that this matter never happens again.”
He said they are also “paying particular attention to the steps taken to ensure that in the future, data breaches of this magnitude will not be concealed from regulators and from affected data subjects.”
Uber chief executive officer Dara Khosrowshahi has said that the two information officers who led the response to the breach in 2016 withheld the information about the breach from the public.
The officers have since been fired.