January 21, 2019. Local pawnshop and remittance firm Cebuana Lhuillier has suffered a data breach exposing personal data of its over 900,000 clients (or 3% of its entire clientele).
In a statement by P.J Lhuillier Group of Companies, the Cebuana Lhuillier’s email server that is used for marketing purposes suffered a data breach. The breach exposes personal information of their clients such as their birthdays, source of income, and addresses.
The company said it immediately coordinated with the National Privacy Commission (NPC) to investigate the matter. Affected clients were also notified.
Cebuana Lhuillier said its main server which, among others, contain client transaction details, was not affected by the data breach.
NPC said company representatives informed the agency on January 18 and has committed to submit a more detailed report on the incident.
Previously, it was announced that Cebuana Lhuillier has partnered with Ripple to use xCurrent, its enterprise software solution that allows “instant” cross border payment settlements.
Currently, users of Central bank licensed cryptocurrency wallet services – Coins PH and Rebit list Cebuana Lhuillier as a cashout partner, allowing their users to receive money via the pawnshop’s numerous local outlets.
This story first appeared at BitPinas on January 21, 2019: Philippines Local Remittance Cebuana Lhuillier Hit by Data Breach