Malware attacks are nothing to be scoffed at, and that’s especially so when you inadvertently end up being one of their prospective victims.
Something that, rather unfortunately, applies to some 30,000 individuals who had sought advice from the Employment and Employability Institute (e2i).
30,000 e2i Clients Might Have Had Personal Data Breached After Malware Attack
According to TODAYonline, around 30,000 individuals may have had their personal information compromised, after an employee of a third-party vendor suffered a possible malware attack last month (March 2021).
According to the news report, the affected individuals were affiliated with e2i, the job and training branch of the National Trades Union Congress (NTUC).
Apart from the individuals’ names, contact particulars and other personal info, the employee’s mailbox also contained data such as National Registration Identity Card (NRIC) details, educational qualifications, and more.
Immediate recovery efforts have been launched, said e2i. Security has since been tightened, and they will be working together with the vendor, i-vic International, to check for any further vulnerabilities.
Potentially affected personnel have also been contacted via email, SMS or phone calls.
“We are alerting the potentially affected individuals to be vigilant on phishing attempts and monitor for any suspicious activities or requests,” said e2i.
Wary individuals may also file an online report or contact e2i if they sense something amiss.
The contact details or e2i are as follows:
Phone: 6713 5779
- Mon–Fri: 9:00am–6:00pm
- Sat: 9:00am–1:00pm
- Sun, Public Holidays: Closed
Do take note that e2i’s dedicated hotline may experience a high volume of calls, especially in this initial period, so you might have to be patient.
For more information about the data security breach at e2i, click here.
In light of the circumstances, e2i has since apologised for the anxiety the incident has induced.
“The protection of our clients’ personal data is of utmost importance to us,” e2i chief executive officer Gilbert Tan said. “Though the malware did not target e2i directly, cybersecurity threats are real and the protection of personal data is of top priority to us.”
Despite the possible breach, he has reassured the public that e2i’s operations, services and systems have not been affected, and that jobseekers can continue to use their services in search of employment opportunities.
It appears that such online attacks have been prevalent of late.
On 11 February 2021, Singtel released a media statement, stating that their customer data might have been compromised.
A third-party file-sharing system used by Singtel, Accellion, had been hacked.
In total, around 129,000 unlucky Singtel customers have had their personal information extracted by hackers during the Accellion breach.
The personal data included names, addresses, phone numbers, identification numbers, and dates of birth, according to The Straits Times.
Apparently, they also stole the bank account details of some 28 former Singtel employees, and the credit card details of 45 employees of a corporate customer.
And more recently, on 23 March 2021, local furniture retailer Vhive was reportedly hacked by the group Altdos.
The data breach led to the leakage of numerous customers’ personal information, such as phone numbers and physical addresses.
In total, the records of over 300,000 customers were seized in the illegal operation.
On 10 September 2020, the Personal Data Protection Commission (PDPC) came to a decision regarding Grab’s latest breach, which started with their decision to update the Grab App.
The update was supposed to patch a vulnerability within the app that allowed access to GrabHitch drivers’ data.
However, the update somehow exposed the details of 5,651 drivers to unauthorised access by other drivers.
In total, 21,541 drivers’ and passengers’ personal data were exposed.
Feature Image: Facebook (Employment & Employability Institute, e2i)