Jollibee Foods Corp., a fast-food company specializing in Filipino fare, is investigating a report of a data breach in its delivery service system, adding its name to a growing list of companies which have been targeted by hackers in recent years. Earlier today, Jollibee sent us a statement informing us that “a cybersecurity incident” had reportedly affected the company, “along with other companies.” 

The company stated in the statement that they had addressed the incident. A massive data breach has allegedly taken place at the Philippine fast-food chain, Jollibee. On June 20, 2024, an actor claimed responsibility for breaching the systems of Jollibee Foods Corporation, causing the Jollibee cyberattack to become known. Known as "Sp1d3r", the notorious attacker claimed that he was able to obtain the sensitive data of 32 million customers of a fast food chain and offered to sell the database for $40,000. 

An archive that was sold by an actor under the alias "Sp1d3r" has been found on Deep Web Konek. According to the archive, the data contains sensitive information on 32 million Jollibee customers, including their full names, mailing addresses, phone numbers, and e-mail addresses, among other things. A cybercriminal account known as “Sp1d3r” was posted on the BreachForums network on June 1, 2012, claiming that they had stolen the sensitive personal data of over 190 million people from QuoteWizard. 

According to the alleged database, the data included customer details, partial credit card numbers insurance quotes, and other personal information. The same threat actor also affected Advance Auto Parts, Inc., another American automobile aftermarket component supplier. Using the name Sp1d3r, the attacker claimed that three terabytes of customer information were stolen from Snowflake, a cloud storage service that the company used, and then sold it for $15 million to the company. 

Moreover, Sp1d3r is selling “extensive records” of food delivery orders, sales transactions, and service details, as indicated in its report. According to the company, the cyberattack may result in damages of up to $3 million. According to the company's response, it is currently actively investigating the incident, and response protocols have been deployed. However, they did not confirm the breach or the theft of data, nor did they deny it. Several big companies in the Philippines have been breached, including Maxicare, Jollibee Foods Corporation, and the Maritime Industry Authority (Marina), which exposed the personal information of their customers in an attempt to evade taxes. 

A data breach at Maxcare on June 19, which exposed the personal information of 13,000 members of the company, less than one per cent of its entire membership base, was confirmed by the company on June 19. As stated on its website, the firm consists of 20,000 physicians and specialists who are attached to over 1,300 hospitals, clinics, dental clinics, 140 rehabilitation centres, dialysis centres, and eye clinics, which serve as a platform for research. 

In the last few months, the company has grown to include over 1.8 million members across the country, from the corporate sector to small and medium-sized companies to the individual and family segments. It is believed that the exposed records belong to those who utilized Lab@Home, a third-party booking platform for home care providers. According to the threat actor, he had carried out a cyberattack and obtained access to 32 million customer information, such as names, addresses, phone numbers, emails, and hashed passwords, in a cyberattack. 

In addition, the hacker is also suspected of exfiltrating 600 million rows of data related to food delivery, sales orders, transactions, customer details, and other details regarding service providers. There is evidence supporting these claims provided in the TA through a sample of the data formatted in tabular format, which can be opened up using spreadsheet applications such as Microsoft Excel or Google Sheets. Although there are still a lot of questions surrounding the exact details of the alleged data breach, it is evident that the potential consequences of this breach are grave. 

Also, Deep Web Konek made known information regarding a data breach that allegedly occurred at the Philippines’ largest fast food chain, Jollibee Foods Corporation, and was disclosed by the group. A certain amount of data including the names and addresses of 32 million customers as well as 650 million records related to Jollibee's food delivery operations could have been exposed, according to the group. Among the data that has been compromised is reportedly sensitive information such as name, address, phone number, and e-mail address of the customers, along with hashed passwords. In addition, a vast number of records were exposed regarding delivery orders for food, transactions for sales and details concerning services. 

A report from the Cyber Security Information and Analysis Group said that the exposed data spans multiple tables, indicating a comprehensive and deep breach of Jollibee's systems. It has not been announced what the consequences of the breach will be Jollibee yet. The maritime industry authority of the Philippines reported on June 16 that, as a result of an attack and compromise of four of its web-based systems, the authority has been compromised. 

As a result, Marina said that it immediately dispatched officials and employees to its centre to put in place measures to ensure that the integrity of the system is maintained and protected. There is no doubt that Jollibee is investigating the claims made by "Sp1d3r". However, the threat actor has been implicated in several recent data breaches, including attacks on several customers of Snowflake, which is one of the most popular cloud data storage vendors. 

Jollibee's cyber attack is a stark reminder of the vulnerability of the digital world, where even the most successful and established businesses are susceptible to cyberattacks from notorious hackers, who may even become the perpetrators themselves. Customers must remain vigilant and follow any further guidance provided by Jollibee and cybersecurity experts as this may lead to further security breaches.