On 11 Feb 2021, Singtel released a media statement, stating that their customer data might have been compromised.
A third-party file-sharing system used by Singtel, Accellion, had been hacked.
Singtel said they would be carrying out investigations to ascertain the extent of the data breach, as it was unclear how serious it was.
Well, now we know the answer, and it isn’t pretty.
Everything About the Singtel Data Breach That Affected 129K Singtel Customers
Around 129,000 unlucky Singtel customers have had their personal information extracted by hackers during the recent breach of Accellion.
The personal data included names, addresses, phone numbers, identification numbers, and dates of birth, according to The Straits Times.
But that’s not all the hackers got.
They also stole the bank account details of some 28 former Singtel employees, and the credit card details of 45 employees of a corporate customer.
The stolen data is believed to have been put up on a ransomware site on the dark web. One such site, Clop, leaked over 11GB of data online this week, including payment details and e-mail exchanges.
The same group on Clop stole data from 25 other firms, and had asked on their site for $250,000 worth of bitcoin to “avoid this situation”.
Most of the Leaked Data Was Non-Sensitive Internal Information
The good news is that most of the data leaked was non-sensitive internal information like test data, reports, data logs, and e-mails, Singtel said.
While it has not yet identified the culprits behind the data breach, Singtel said it will reach out to all the affected individual and corporate customers and instruct them on how to manage the risks.
It has also appointed a data and information service provider that will notify customers of any unusual activity related to their personal information.
Affected customers will not have to pay for this service, of course.
Singtel Group CEO Yuen Kuan Moon apologised for the breach on Wednesday (Feb 17).
“I’m very sorry this has happened to our customers and I apologise unreservedly to everyone impacted. Data privacy is paramount, we have disappointed our stakeholders and not met the standards we have set for ourselves.”
Not The First Time
This isn’t the first time Singtel has had a data breach.
On 11 Feb last year, the Personal Data Protection Commission (PDPC) revealed that Singtel was one of seven organisations fined for “flouting the data protection law”.
Then, they were fined S$9,000 for a breach involving the My Singtel app.
Feature Image: Tang Yan Song / Shutterstock.com
Here’s a simplified summary of the South Korea martial law that even a 5-year-old would understand:
Read Also:
- Salon Allegedly Charged $880 Treatment Package to Elderly Who Has Hearing Difficulties
- Man Replaces M’sia-Registered Car With a S’pore Plate & Drives It Without a Driving Licence
- Confirmed: Allianz Withdraws Its Offer to Buy Income Insurance
- 10th Floor Resident Leaves Baby Stroller On Air Conditioner Compressor
- $400 Worth of Durians Delivered to Customer; Customer Allegedly Takes Durians Without Making Payment
- Woman Borrows Touch ‘N Go Card From S’pore Driver to Cross JB Checkpoint & Didn’t Return Card
Advertisements