NPC demands Facebook to offer free identity theft insurance for Pinoys affected in breach
This involves over 700,000 Facebook accounts based in the Philippines.
The National Privacy Commission (NPC) has demanded strong safeguards from social networking site Facebook after unidentified hackers were able to collect profile data for 755,973 Philippine-based user accounts without their consent.
The NPC made the company of billionaire Mark Zuckerberg to explain the circumstances of the security breach, which apparently saw personal data for thousands of Filipino profiles harvested by the supposed hackers, with some more detailed to include even work history, devices, location, recent search queries, and top followed accounts.
This is apart from full names, cellphone numbers, and e-mail addresses.
“As Facebook itself notes, the main potential impact for affected users will be an increased likelihood of getting targeted for professional ‘spam’ operations and ‘phishing’ attacks. However, the risk and vulnerability of Filipinos to spam and phishing are regarded as one of the highest in the world,” the regulator said in an order sent to Facebook.
Facebook said they had forced users to log out of their accounts in order to invalidate the stolen access tokens and restore security.
NPC even demanded more from Facebook, saying that a big number of Pinoys may not understand what the massive breach meant.
“Due to the nature and exposure of the Filipino data subjects, Facebook must also provide for identity theft insurance or credit monitoring service for free to affected Filipino data subjects; or, in the alternative, establish a dedicated helpdesk/help center for Filipino data subjects who may be adversely affected by this incident, to provide assistance in identity restoration and other related matters,” the Commission said.
How will Facebook take it?