Pi拍錢包 Offers Over NT$500 in Vouchers as Compensation for Data Breach
Translated from Chinese, summarized and contextualized by DistantNews.
At a glance
- Pi拍錢包 (Pi Pocket) announced compensation for a data breach affecting approximately 3.5 million users, stemming from an internal employee file server hack.
- The breach, which occurred in June 2026, exposed user data including names and phone numbers from specific 2019 and 2022 project databases, though core financial and account information remained secure.
- Affected users will receive over NT$500 in convenience store drink vouchers as compensation, with Pi拍錢包 implementing enhanced security measures.
Taiwanese third-party payment service Pi拍錢包 (Pi Pocket) has revealed the full investigation results and compensation plan following a significant data breach that compromised the personal information of around 3.5 million users.
The company confirmed that hackers, identified as the Settra group, gained access through a vulnerability in its main server firewall in June 2026. This allowed them to illegally access files on an internal employee server. While Pi拍錢包 asserts that its app, transaction system, and website were not directly breached, and critical user data like passwords, transaction details, credit card numbers, and points stored in separate, protected databases remain secure, the incident has still led to a substantial data leak.
Investigations, conducted with a third-party cybersecurity firm, revealed that the leaked data primarily consisted of internal employee operational files. Most of these files did not contain sensitive personal information. However, they did include member data from specific projects launched in 2019 and 2022, which contained names, mobile phone numbers, and in some cases, license plate numbers.
As compensation for affected users, Pi拍錢包 will distribute electronic discount vouchers for beverages at designated convenience stores, valued at over NT$500. Users will be notified via app push notifications and can claim their vouchers through a dedicated webpage or by attempting to log in. The claim period runs from July 17 to October 31, 2026. The Digital Development Ministry has conducted an administrative inspection and provided guidance to Pi拍錢包, which has since implemented several security enhancements, including firewall upgrades, account privilege reviews, and the deployment of endpoint detection and response mechanisms.
Originally published by Liberty Times in Chinese. Translated, summarized, and contextualized by our editorial team with added local perspective. Read our editorial standards.