Philippine Jollibee Foods Corporation hit by data breach
Learn More
A significant data breach has reportedly compromised the personal information of millions of Jollibee Foods Corporation customers. Jollibee Foods Corporation is a multinational fast-food chain based in the Philippines, headquartered in Pasig, Metro Manila.
The breach, reported by Filipino cybersecurity advocacy group Deep Web Konek, involves the exposure of around 32 million customer records and 650 million records related to Jollibee’s food delivery operations.
The compromised data includes:
- Full names
- Birthdates
- Mobile numbers
- Addresses
- Card numbers
- Facebook IDs and tokens
- ID numbers
- Financial information
- Passwords
- Last login dates
Additionally, the breach encompasses extensive records of:
- Sales orders
- Transactions
- Food delivery details
- Service information
According to Deep Web Konek, the stolen data is being sold by a hacker on a cybercrime forum for $40,000. The group's findings suggest that the breach affected multiple tables within Jollibee’s database.
The National Privacy Commission of the Philippines has stated that it has not yet received a notification from Jollibee regarding the breach.
Update - On 24th of June 2024, National Privacy Commission (NPC) reported that Jollibee Foods Corporation data breach potentially affected 11 million customers, exposing their dates of birth and senior citizen ID numbers. The breach may have also compromised JFC employee data.
Jollibee Foods Corporation has yet to to provide any comment. The number of affected individuals and the nature of the attack are not disclosed.
