You might want to tread on the side of caution and hold off of listing your pre-loved items on Carousell for a while.
Here’s why.
Data breach on Carousell
The e-commerce platform Carousell notified its users on Friday (21 Oct) about a data breach that occurred on 14 Oct.
Yes, they took one entire week before informing users.
Before you fly into a state of panic, it’s okay. Your NRIC number is still safe with you.
Data that was exposed by the breach included users’ registered email addresses and mobile numbers.
If you were affected by the data breach, go check your e-mail now – it’s likely you were already informed about it.
The platform informed users whose accounts were affected by the data breach via email. However, the platform did not explain why it took a week before finally informing affected users of the breach.
So, how exactly did the data breach happen?
A bug used by a third party
Apparently, a bug was used by a third party to gain unauthorised access to the personal data of certain users in Singapore.
Your classic explanation for how a data breach happens.
In the e-mail to affected users, the platform notes that they have taken action in connection with this breach and have fixed the bug to prevent any further unauthorised access to personal information.
For now, users need not worry about the same bug causing further breaches.
Carousell also added that they are working on security enhancement features to better protect Carousell users and prevent another data breach from happening again.
With any luck, we won’t be seeing Carousell on the news again.
Join our Telegram channel for more entertaining and informative articles at https://t.me/goodyfeedsg or download the Goody Feed app here: https://goodyfeed.com/app/
The platform also notes that law enforcement officials, such as the Personal Data Commission of Singapore, have been notified regarding this breach.
Advertisements
These law enforcement officials are currently assisting our favourite buy-and-sell app with their investigations into the breach.
If you’re a user of Carousell’s in-app payment feature, don’t worry. No credit card and payment-related information was compromised in this breach.
And if you have a strange and quirky password, you can have peace of mind as well. No password-related information was compromised in this breach.
Identity theft is also an unlikely consequence, as the breach did not include users’ NRIC numbers.
With that said, please still continue to err on the side of caution – you might be seeing more phishing attempts.
Advertisements
Since mobile numbers and e-mail addresses were compromised, it is a potential risk that users would be more susceptible to phishing attempts.
The platform also urged its users to stay vigilant and to be wary of SMSes or emails sent from unknown sources, particularly those with foreign links.
Read Also:
- Felicia Chin & Jeffrey Xu May Livestream Their Wedding Tomorrow (22 Oct)
- McDonald’s Having Toys to Let Kids be McDonald’s Crew Members
- M’sia Woman Sells Unwashed Underwear & Priced Them Depending on How Long They’ve Been Worn
- Jack Neo Shares Image of His Son in NS & It’s Like a FaceApp Version of Him
- New Job Openings for Safe-Entry Ambassador & Temperature Screener Sparks Speculations About Return of COVID-19 Rules
Featured Image: Carousell
Read Also:
- Real Mercs Driver in Tampines Accident Responded; Said He Sped Up to See Saab’s Car Plate Number
- If You’re a PME, Here’s Another Reason Why You Should Join a Union
- TikTok CEO Chew Shou Zi Responds to TikTok Ban; Confident to Win Legal Challenge
- Popular Peach Garden in Thomson Plaza Suspended After 43 People Allegedly Had Food Poisoning After Eating There
- Driver in Tampines Accident Engaging Lawyer After Being Charged
Advertisements
