MANILA, Philippines — Over 8,000 prepaid customers of Globe Telecom have been affected after data registration confirmation receipts were sent to wrong recipients, the telco giant said yesterday.
A report on BestVPN.com stated that Globe “allegedly leaked customer’s private details to fellow customers via email.”
It reported complaints from Globe customers saying that they received an email containing somebody else’s personal account details.
In a statement yesterday, Globe said it has “rectified the issue with affected customers on sending wrong confirmation receipt to another individual.”
The Ayala-led telco said it has also reported the incident to the National Privacy Commission (NPC) in compliance with regulatory requirements.
“It was just a case of sending the data registration confirmation receipt to the wrong individual and was not sent en masse or as a group of data. It only affected prepaid customers who have registered to the On The List program to avail of concert tickets and other music venues of Globe events,” Globe said.
Globe said about 8,851 customers out of its 60 million prepaid subscribers were affected.
“It was not a data breach. It was an email error where the confirmation receipt was sent to someone else,” Globe senior vice president for corporate communications Yoly Crisanto clarified.
“The On The List registration site was taken down immediately to remove access to potential registrants at the time and we have notified all affected prepaid customers of the issue,” Globe chief information security officer Anton Bonifacio said.
In a statement yesterday, the NPC said it received Globe’s notification last Sunday.
“Based on their report, the personal data breach occurred due to a system error, potentially affecting 8,851 customers,” NPC commissioner Raymund Liboro said.
Liboro said the NPC is still evaluating the incident and verifying the information given to them by the telco, following its standard procedure.
“Those who may have been affected are advised to monitor their online and offline accounts for any unusual activity, to change passwords and other means of identity verification and to be careful of phishing attempts and other online risks,” Liboro said.
Globe is one of the country’s two dominant telcos, the other being PLDT-Smart. Globe’s mobile subscriber base totaled 65.4 million as of end September 2018.
In January last year, the NPC prompted Globe to enforce more stringent subscriber verification protocols to better protect its customers following reports that one of its prepaid mobile users fell victim to identity theft which resulted in the unauthorized access to the customer’s online banking account.
As a result, Globe committed to enforce a 24-hour delay in the activation of newly replaced SIM cards to subscribers who reported a lost or stolen phone, if the prepaid subscriber is unable to present the SIM bed or unable to provide proof of identification in case the prepaid subscriber is a GCash user. – With Rainier Allan Ronda