Fundline Finance Corporation, a significant provider of micro-lending and motorcycle financing services in the Philippines, has allegedly fallen victim to a substantial data breach. A threat actor has posted on a dark web forum claiming to have sensitive personal information of over one million users of the financial institution. The data is being offered for sale for $1,000.
Fundline Finance Corporation, which has been operating for over two decades, plays a crucial role in providing financial services to many Filipinos, particularly micro and small-scale entrepreneurs. The company’s extensive network of 144 branches across the country makes this alleged breach a serious concern for a large number of individuals who have entrusted their personal and financial information to the institution. The alleged leaked data includes a vast amount of personally identifiable information (PII), which could be exploited by malicious actors for various fraudulent activities, including identity theft and phishing scams.
According to the forum post, the compromised data allegedly includes:
- Full names
- Phone numbers
- Email addresses
- Dates of birth
- Full addresses
- Document numbers (including ID cards)
- Tax Identification Numbers (TIN)
- Social Security System (SSS) numbers
- Government Service Insurance System (GSIS) numbers
The seller has provided samples of the data in CSV and TXT format to substantiate their claims, which appear to contain detailed customer and personal identification information. The investigation into this alleged data breach is ongoing.
