You might want to tread on the side of caution and hold off of listing your pre-loved items on Carousell for a while.
Here’s why.
Data breach on Carousell
The e-commerce platform Carousell notified its users on Friday (21 Oct) about a data breach that occurred on 14 Oct.
Yes, they took one entire week before informing users.
Before you fly into a state of panic, it’s okay. Your NRIC number is still safe with you.
Data that was exposed by the breach included users’ registered email addresses and mobile numbers.
If you were affected by the data breach, go check your e-mail now – it’s likely you were already informed about it.
The platform informed users whose accounts were affected by the data breach via email. However, the platform did not explain why it took a week before finally informing affected users of the breach.
So, how exactly did the data breach happen?
A bug used by a third party
Apparently, a bug was used by a third party to gain unauthorised access to the personal data of certain users in Singapore.
Your classic explanation for how a data breach happens.
In the e-mail to affected users, the platform notes that they have taken action in connection with this breach and have fixed the bug to prevent any further unauthorised access to personal information.
For now, users need not worry about the same bug causing further breaches.
Carousell also added that they are working on security enhancement features to better protect Carousell users and prevent another data breach from happening again.
With any luck, we won’t be seeing Carousell on the news again.
Join our Telegram channel for more entertaining and informative articles at https://t.me/goodyfeedsg or download the Goody Feed app here: https://goodyfeed.com/app/
The platform also notes that law enforcement officials, such as the Personal Data Commission of Singapore, have been notified regarding this breach.
These law enforcement officials are currently assisting our favourite buy-and-sell app with their investigations into the breach.
If you’re a user of Carousell’s in-app payment feature, don’t worry. No credit card and payment-related information was compromised in this breach.
And if you have a strange and quirky password, you can have peace of mind as well. No password-related information was compromised in this breach.
Identity theft is also an unlikely consequence, as the breach did not include users’ NRIC numbers.
With that said, please still continue to err on the side of caution – you might be seeing more phishing attempts.
Since mobile numbers and e-mail addresses were compromised, it is a potential risk that users would be more susceptible to phishing attempts.
The platform also urged its users to stay vigilant and to be wary of SMSes or emails sent from unknown sources, particularly those with foreign links.
Read Also:
- Felicia Chin & Jeffrey Xu May Livestream Their Wedding Tomorrow (22 Oct)
- McDonald’s Having Toys to Let Kids be McDonald’s Crew Members
- M’sia Woman Sells Unwashed Underwear & Priced Them Depending on How Long They’ve Been Worn
- Jack Neo Shares Image of His Son in NS & It’s Like a FaceApp Version of Him
- New Job Openings for Safe-Entry Ambassador & Temperature Screener Sparks Speculations About Return of COVID-19 Rules
Featured Image: Carousell
Here’s a simplified summary of the South Korea martial law that even a 5-year-old would understand:
Read Also:
- Salon Allegedly Charged $880 Treatment Package to Elderly Who Has Hearing Difficulties
- Man Replaces M’sia-Registered Car With a S’pore Plate & Drives It Without a Driving Licence
- Confirmed: Allianz Withdraws Its Offer to Buy Income Insurance
- 10th Floor Resident Leaves Baby Stroller On Air Conditioner Compressor
- $400 Worth of Durians Delivered to Customer; Customer Allegedly Takes Durians Without Making Payment
- Woman Borrows Touch ‘N Go Card From S’pore Driver to Cross JB Checkpoint & Didn’t Return Card
Advertisements