/ AFP / Getty Images North America / Justin Sullivan/
(Eagle News) — The National Privacy Commission on Tuesday confirmed that data of Filipino Uber users were among the data stolen in a breach late last year.
In a statement, the NPC said this was based on information provided by Uber Philippines on Monday, over a year after the hack was reportedly deliberately hidden from the public by Uber’s US office.
Uber Philippines said it had no prior knowledge about the breach that saw “some personal information of 57 million Uber users” across the globe compromised.
“Unfortunately, Uber failed to provide the level of detail that we expect from personal information controllers about data breach notifications, such as the actual number of Filipinos affected, and the scope of their exposure,” the NPC said.
Although Uber has “repeatedly asserted that there has been no evidence of fraud or misuse tied to the incident,” the NPC said the “concealment of a data breach bears serious consequences under the Data Privacy Act of 2012.”
“If so qualified, those responsible for the concealment of the breach and for the exfiltration of the data may face serious civil and criminal liability,” he said.