All is relatively well here at Woesnotgone Meadow, where everyone has above average bandwidth.
Cebuana Lhuillier is located in the Philippines and is one of the leading and largest financial services firm. Cebuana Lhuillier is differentiated as this is not a bank. The firm has nearly 2,500 branches throughout the nation. The services include a pawn service, remittance, micro-insurance, and micro-loans.
With the business operations, the data held by the firm is exceptionally valuable to the attackers who successfully compromise the system. There were attempted connections to the business servers was detected on January 15, 2019. There was a previous attack that was successful, which led to unauthorized downloads from the business servers on August 5, 8, and 12, 2018. It is curious why the second compromise was not deterred. When there is a significant compromise, as a rule of thumb the cybersecurity staff or at least the IT staff hardens the systems so the business is not compromised again.
We should persevere to learn from not only our mistakes, but others. With at least the second compromise, the attack vector and method were not published.
More than 900,000 clients were affected by the breach. This is approximately 3% of the entire clientele. Although 3% is not that high of a percent relative to the entire clientele, this is still a rather large number of clients. The attackers may have accessed the client’s personal data, including the dates of birth, addresses, and sources of income. Thankfully, the details for the transactions were not included with the potential compromised client data.
The firm was surprised with the compromise. The firm, as a result of the compromise, coordinated efforts with the National Privacy Commission (NPC). The firm also contracted with a third party to manage the compromise. The parties were investigating the issue. The company has already implemented safety measures to protect the client’s data. The firm did suggest to the clients for them to change their passwords.
This compromise emphasizes the need for a strong perimeter defense.
Thanks for visiting Woesnotgone Meadow, where the encryption is strong, and the O/Ss are always using the latest version.
Cyware Hacker News. (2019, January 22). Data breach at cebuana lhuillier affects over 900,000 clients. Retrieved from https://cyware.com/news/data-breach-at-cebuana-lhuillier-affects-over-900000-cleints-b247b34b
Langsdon, M. (2019, January 19). Philippine financial service firm flags data breach affecting 900,000 clients. Retrieved from https://www.reuters.com/article/us-hilippines-cebuana/huillier-data-idUSKCNIPD078
Merey, A. (2019, January 19). Over 900,000 affected by ceduana lhuillier data breach. Retrieved from https://news.abs-cbn.com/business/01/19/19/over-900000-affected-by-cebuana-lhuillier-data-breach
Philstar. (2019, January 19). Cebuana lhuillier hit by data breach. Retrieved from https://www.philstar.com/business/2019/01/19/1886427/cebuana-lhuillier-hit-data-breach
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.
Share on Facebook
Share on Twitter
I'm busy working on my blog posts. Watch this space!