Jollibee data breach could affect millions of customers
Known threat actor is allegedly selling a huge Jollibee database
Food service giant Jollibee has allegedly suffered a cyberattack and a data breach after experts claim to have found a database filled with sensitive customer data for sale.
Deep Web Konek found a database being sold by a threat actor under the alias “Sp1d3r”. The archive allegedly contains sensitive data on 32 million Jollibee customers, including their full names, postal addresses, phone numbers, and email addresses. Furthermore, Sp1d3r is apparently selling “extensive records” of food delivery orders, sales transactions, and service details.
The company responded to say that it is currently actively investigating the incident and that it deployed response protocols. However, it did not confirm, nor deny, the breach, or the data theft:
Contained incident
“We take this matter seriously and have launched an investigation to better understand the scope of the incident,” Jollibee said in a statement to Bloomberg. “We have implemented response protocols in addition to enhanced security measures to further protect data against threats,” it added.
Inquirer reports that the incident was contained only to the company’s delivery system. Its e-commerce platforms are unaffected, and remained operational, it was said.
Sp1d3r is a threat actor that’s been making quite a few headlines these past couple of weeks, mostly with regards to the recent Snowflake breach. TechRadar Pro has already reported on Sp1d3r selling sensitive data from Advance Auto Parts for $1.5 million, cybersecurity pros Cylance for $750,000, and the Truist bank, for $1 million.
Jollibee Foods Corporation operates a network of restaurants, primarily under the Jollibee brand, which is well-known for its fast food offerings such as fried chicken (often referred to as "Chickenjoy"), burgers, spaghetti, and other Filipino-inspired dishes.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Via Inquirer
More from TechRadar Pro
- Top carmaker Advance Auto Parts confirms stolen data for sale following Snowflake attack
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.