As many as 3.3 million Cashalo users are feared to be compromised following a recent breach to the cash-loaning platform, according to the National Privacy Commission (NPC).
Chief of Public Information and Assistance Division of the NPC, Roren Marie Chin, claims that preliminary investigations into the matter found that data from the Oriente Express Techsystem Corporation-operated application has been in circulation across cyber forums since February 14, 2021.
Trying to cash in on the exploit, the culprit is said to be selling the stolen user information which includes sensitive information, such as usernames, passwords, phone numbers, email addresses, and device identifications. Found in sites like RaidForums and cybleinc.com, the seller was also reportedly offering sample data for potential buyers.
The post at RaidForum has been taken down, as of Tuesday. Meanwhile, the NPC has already taken steps to coordinate with Cashalo regarding the hack.