Cashalo Issues Official Statement on Data Security Incident
The National Privacy Commission (NPC) through separate statements released on February 19 and February 23, 2021, revealed that 3.3 million client data from the cash-loaning application Cashalo are being sold on the dark web.
Meanwhile, on February 19, 2021, Cashalo has also released an official statement with regards to the said data security incident, stating that it was February 18, 2021 when their cybersecurity team has discovered a potential data security incident involving a Cashalo-only database archive.
“An individual claimed to be in possession of a Cashalo customer database taken from a non production system used by the company. This incident resulted in unauthorized access to a database archive that contained some personal data of Cashalo customers, including some combination of usernames, email, phone numbers, device ID, and encrypted passwords.”
– Cashalo, Feb. 19, 2021 Press Release
However, Cashalo stressed in their statement that no customer accounts or passwords were compromised. “Our encryption implementation ensured that no customer accounts or passwords were compromised,” they stated.
Cashalo disclosed that they have since taken the system offline and started investigations. They also disclosed that they are conducting impact assessments and notifying affected individuals about the said incident.
“Protecting the data and privacy of our users is of utmost importance to us,” stated Cashalo.
Data of 3.3M Cashalo Users Being Sold on Dark Web, National Privacy Commission Disclosed
How you can make the Internet a Safe and Better Place for all?
6 Ways You Can Protect Your Digital Privacy
Cashalo Official Statement
For More News and Updates
Looking for more news and updates? Feel free to explore our BCG website and our official Facebook page. You may also check out our official BCG YouTube channel to catch a variety of video content.
Source Cashalo| Press Release