A data privacy agency in the Philippines has ordered Facebook to provide security measures – which include insurance and credit monitoring services – to hundreds of thousands of Philippines-based users following a recent data breach incident.
Late last month, hackers managed to exploit Facebook’s “View As” tool to hijack the profiles of others. Information such as phone numbers, emails, websites/people followed, and even the last 10 pages users visited – as well as their 15 most recent searches – were left exposed by the attack. Reports have placed the estimated number of global users affected by the breach at around 50 million.
Of that number, close to 800,000 users are in the Philippines. The National Privacy Commission (NPC), a Philippine government agency, is now demanding Facebook ensure there is protection for the vulnerable users.
“Facebook is hereby mandated to submit a more comprehensive Data Breach Notification Report and inform the data subjects in compliance with the provisions of NPC Circular No. 16-03 – Personal Data Breach Management,” said NPC Commissioner Raymund Liboro.
Liboro demanded that Facebook purchase insurance for the affected users, along with other safeguards.
“Due to the nature and exposure of the Filipino data subjects, Facebook must also provide for identity theft insurance or credit monitoring service for free to affected Filipino data subjects; or, in the alternative, establish a dedicated help desk/help center for Filipino data subjects who may be adversely affected by this incident, to provide assistance in identity restoration and other related matters,” he added.
TechnoChops reported that the over 700,000 Philippine-based Facebook accounts that were hacked could be categorized into three groups, based on how vulnerable the attack left them:
- 387,322 accounts had their registered full names, email addresses, and phone numbers illegally accessed.
- 361,227 accounts not only had the above basic information exposed to the attack, but also had their locations, birthdays, relationship statuses, and other similar details left vulnerable.
- 7,424 users had all of the above information potentially stolen by hackers, along with their list of friends, their groups, the names of recent Messenger conversations, and others.