By John Ezekiel J. Hirro
PLDT has “significantly” ramped up its cybersecurity measures, the telecommunications giant said in response to a PressOne.PH report that it had dealt with almost 3,000 incidents in 2019 including 10 data breaches.
Cathy Yap-Yang, head of PLDT’s corporate communications, said in a letter to PressOne.PH that the 10 data breaches in 2019, mentioned in a filing with US corporate regulators, had been addressed in compliance with requirements set by the Philippines’s National Privacy Commission.
“Rest assured, PLDT has implemented corresponding countermeasures to reinforce cybersecurity,” she said.
PLDT took issue with the PressONE.PH story on Oct. 5, 2020 titled, “PLDT reports 10 data breaches in 2019; says it’s ‘less effective’ in deterring cyber threats,” arguing the headline was “misleading” and took the US disclosure out of context.
“We have verified details of the 10 incidents cited, and none were due to cyberattacks. While some had been digital-related, the incidents were caused by process gaps, human error or wrong processing,” Yang said.
She said “challenges relating to cyberattacks” have picked up since many of PLDT’s employees have shifted to a work-from-home setup amid the Covid-19 pandemic.
But Yang said this was “not in any way unique to PLDT, as similarly large enterprises globally have started to deal with increased worker mobility as well.”
In the US regulatory filing submitted in April, PLDT said it had worked on thousands of incidents involving malware attacks, the use of unauthorized applications, distributed denial of service attacks, network intrusion attempts, unauthorized access, failed login attempts of corporate credentials and spam emails.
While the incidents did not cause major disruptions to PLDT’s operations, the company said it has “significantly increased investments in cybersecurity measures.”
See Cathy Yap-Yang’s letter below.
7 October 2020
Felipe Salvosa II
Dear Mr Salvosa:
We wish to call the attention of your reporter Christian Brazil Bautista, who wrote the online article published on PressONE.PH on October 5, 2020 entitled, “PLDT reports 10 data breaches in 2019, says it’s ‘less effective’ in deterring cyber threats”.
We endeavor to correct the misleading headline as it is taken out of context from the whole source document, which is a disclosure PLDT normally files with the U.S. Securities and Exchange Commission as PLDT’s American Depositary Receipts are listed at the New York Stock Exchange.
We have verified details of the 10 incidents cited, and none were due to cyberattacks. While some had been digital-related, the incidents were caused by process gaps, human error or wrong processing. Furthermore, PLDT has addressed these 10 personal data breaches in compliance with the National Privacy Commission’s requirements. With more employees now working off site rather than in offices, challenges relating to cyberattacks have picked up, not in any way unique to PLDT, as similarly large enterprises globally have started to deal with increased worker mobility as well.
Rest assured, PLDT has implemented corresponding countermeasures to reinforce cybersecurity. You can read more of these on page 52 of PLDT’s 2019 Sustainability Report: http://pldt.com/docs/default-source/annual-reports/sustainability-report/in-good-company_final_772020.pdf
Given the foregoing, we wish to ask your good office to urgently issue the above correction.
First Vice President & Group Head of Corporate Communications