The reported data breach against fast-food giant Jollibee Foods Corp may expose customers to phishing attacks, security experts said.
Phishing tricks people into giving away personal information by pretending to be from a trusted source, like a bank or credit card company, and scammers might try to contact customers through email, phone call, or text message.
Thomas Richards, Principal Security Consultant within the Synopsys Software Integrity Group said: “Data breaches are becoming far too common in recent weeks. Fortunately, in this case, only customer emails were compromised and not private information.”
Richards further said: “While the addresses may already be known publicly, this would allow an attacker to craft targeted phishing campaigns about this brand to elicit the targets to perform an action like reset a password on a malicious landing page resembling the official one.”
The executive added that Jollibee customers “should be diligent of any emails requesting immediate action as that is a warning sign of an attack.”
For Kelvin Lim, Senior Director, Security Engineering, Synopsys Software Integrity Group, “it is important to remember that no company is safe from cyberattacks in light of the recent Jollibee group data leak.”
“Given the damage caused by the attack, Jollibee will need to conduct a comprehensive investigation, put in place extra security measures, and advise customers of the measures taken to prevent such attacks in the future in order to win back their trust,” the executive said.
Philippine media reported that a data breach at Jollibee Foods Corp. has potentially compromised the personal information of 11 million customers.
![](https://techtravelmonitor.com/wp-content/uploads/2024/06/jollibee.png)
The National Privacy Commission (NPC) reported that unauthorized access to the company’s database was detected, affecting various customer details.
The agency said it has been notified by food giant Jollibee Group about the unauthorized access to its data, affecting 11 million data subjects who are mostly customers.
In a statement, the NPC said sensitive personal information, including dates of birth and ID numbers of seniors, has been compromised.
The NPC got the notice from Jollibee on June 22 at 11:38 a.m. “Other impacted brands include Mang Inasal, Red Ribbon, Chowking, Greenwich, Burger King, Yoshinoya, and Panda Express,” the NPC said.
Jollibee is conducting a thorough investigation and collaborating with cybersecurity experts to identify the source of the breach and implement stronger data protection measures. The company has also notified the affected customers and is coordinating with relevant authorities to mitigate the impact of the incident. #jolllibee #databreach #hacking #phishing