MSO App Vendor Affected by “Cyber Incident”, But OneService App Not Affected & Users’ Data Not Compromised

A vendor for the Municipal Services Office (MSO) app has been implicated by a “cyber incident”.

A “malicious actor” had deleted information in association with push notifications for MSO’s OneService app.

The OneService app allows members of the public to report municipal matters.

According to MSO in a statement on Monday (28 Jun), the office was made aware of the incident on the databases of one of its vendors, Apptitude, on 19 June. 

Information that had been deleted by the “malicious actor” was related to push notifications for MSO’s OneService application, such as device types and past push notification messages. 

According to MSO, the app system and its users had not been affected by the incident. In addition, no personally identifiable information, such as case details had been stored in the affected databases. 

This means that those databases could not be exploited to identify app users or impersonate MSO or OneService to send out push notifications to app users. 

Once MSO had been made aware of the incident, they worked with Apptitude to promptly turn off the push notification system and implement extra measures to boost security. 

MSO said that it has also taken further precautions and will persist in monitoring its systems to keep an eye on possible incoming threats and inadequacies. 

Investigations on the incident are currently underway as well. 

More Singaporeans Affected by Cyber Attacks 

As we stay at home more often than ever now, going online is probably one of our only forms of escape from the pandemic-ridden world. 

Unfortunately, this means that more people in Singapore were affected by cyber attacks last year, such as having their online accounts hacked. 

According to the Cyber Security Agency of Singapore’s (CSA) Cybersecurity Awareness Survey released on Monday (28 Jun), nearly 37% of people in Singapore reported falling victim to at least one cyber-security incident in 2020. 

This is a pretty big jump from 28% in 2019. 

The top three most common cyber incidents that were reported as seen from the poll were: unauthorised attempts made by others to access individuals’ online accounts, accounts being exploited by hackers to further contact other people, and people being locked out of their own accounts by hackers. 

According to CSA chief executive David Koh, while the survey showed that more individuals are aware of threats in cyberspace, many still believe that they will not be targeted by cyber criminals. 

In order to urge people to be more vigilant online, CSA launched the “Better Cyber Safe than Sorry” national cybersecurity awareness campaign. 

CSA is collaborating with Shopee, Carousell, and FairPrice as part of the campaign. 

You can read more about the survey findings and CSA’s campaign here.

Feature Image: Facebook (OneService Community)