By Charissa Luci-Atienza
The chairman of the House Committee on Banks and Financial Intermediaries on Saturday called on the Bangko Sentral ng Pilipinas (BSP), top bank officials, and their information technology security experts to put in place effective security countermeasures following the latest data breach at Cebuana Lhuillier that puts at risk around 900,000 customers.
Leyte Rep. Henry Ong sounded the alarm after the diversified financial services firm reported the data breach.
“I am deeply concerned about this latest data breach or hacking incident involving Cebuana Lhuillier customers and the data hijacking of passport data. These data security incidents are not the only recent ones,” he said.
He noted that these past several years, the Philippine banking system, as reported in the news media, has been subjected to hacking attacks.
“I am asking the Bangko Sentral ng Pilipinas, the top officials of the banks and financial intermediaries, and their IT security experts to put up effective countermeasures and swiftly assure the banking public of the integrity of their electronic banking systems and the safety of depositors’ and clients’ funds,” Ong said.
The breach may have affected the customers’ personal data like birth dates, sources of income and addresses, according to reports.
In a statement, Cebuana Lhuillier assured that the transaction details or information were not compromised as the company’s main servers remain safe and protected.
While the Cebuana Lhuillier assured that the incident is being investigated and safety measures were already implemented to protect the personal data of their clients, the House leader said the National Bureau of Investigation (NBI) and the Philippine National Police (PNP) to step in and look into the data breach.
“I also ask the Anti-Cybercrime units of the National Bureau of Investigation and the Philippine National Police to assist the BSP and financial institutions on the law enforcement aspects,” Ong said.
Cebuana Lhuillier assured that they “are committed to ensuring the data privacy of our clients and adhere to strict security protocols in protecting our interests.”