Pinoys urged to use tougher authentication after Facebook data breach


Posted at Sep 29 2018 05:10 PM | Updated as of Sep 29 2018 05:44 PM

Watch more in iWantTFC

MANILA—The National Privacy Commission on Saturday urged Filipino Facebook users to use multi-factor authentication to protect their accounts from further data breach.

"To protect themselves, all Facebook users must enable multi-factor authentication on all platforms, employ strong passwords, and practice good digital hygiene," the NPC said in a statement.

Francis Acero, chief of NPC's complaints and investigation division, said the commission has contacted Facebook and urged the social network to notify Filipinos whose information were illegally accessed.

"We’ve been in contact with Facebook. They have a country rep for public policy and we’re also talking to the regional representative," Acero told ANC.

"We also told them that they have to make their notifs better so they have to be able to inform those Filipinos who were affected exactly what was exposed in their information."

NPC commissioner Raymund Liboro said Facebook’s investigation "is still in its early stages," according to the company's representatives.

"They have not determined yet how many Filipinos are affected and whether misuse of personal information had resulted from this breach," he said in a statement.

Facebook attributed the breach to programming errors in updates made in July 2017, the NPC said.

Liboro said the commission has prescribed breach management procedures and expects Facebook to abide by these rules.

He assured that the NPC will notify the public about developments regarding the incident.

The social network giant announced Friday that up to 50 million accounts were breached in a security flaw exploited by hackers.

Facebook chief executive Mark Zuckerberg said engineers discovered the breach on Tuesday, and patched it on Thursday night.

The breach is the latest privacy embarrassment for Facebook, which earlier this year acknowledged that tens of millions of users had personal data hijacked by a political firm working for Donald Trump in 2016. --With Agence France-Presse