NPC: 22000 data subjects were affected by a cyberattack on S&R

The National Privacy Commission announced Wednesday that a recent cyber-attack on S&R Membership Shopping exposed the personal information of 20,000 people.

In a statement, the Commission said, “The company submitted a supplemental breach report today, Nov. 24, 2021, confirming that the subject of the ransomware attack was the S&R membership system affecting twenty-two thousand (22,000) data subjects,” 

According to the report, the members’ birthdates, phone numbers, and genders were all compromised in the attack.

The agency also stated that no credit cards or other financial information had been compromised, reiterating the membership-only retail warehouse club’s previous assurances.

“They informed the Commission that they instituted measures to secure their system, recover compromised data, prevent further disclosure, and recurrence of similar attacks,” said the NPC, adding it has reiterated to the firm its obligation to fully disclose and notify those affected individually.

S&R was also ordered by the NPC to give a technical report on the event from their third-party cyber-security firm.

S&R’s breach notification was received by the NPC on Nov. 15, a day after the membership-only retail warehouse club was struck by a cyber-attack, the NPC said earlier this Wednesday.

S&R only made the decision public on Wednesday morning, releasing a Nov. 21 advisory.

The firm also stated that its team “moved quickly and aggressively” to implement its cybsecurity policies, allowing them to restart system operations.

“Although there have been numerous reports of cyber-attacks in the Philippines, we strongly condemn their criminal acts perpetrated against private companies and we are treating this matter very seriously,” S&R added.

+1
0
+1
0
+1
0
+1
0
+1
0
+1
0
+1
0

Enter your email and get notified when new content is added!

We don’t spam! Read our privacy policy for more info.

Leave a Reply

Your email address will not be published. Required fields are marked *

Send this to a friend