• About Us
    • Fact Checking Policy
    • Ownership & funding information
    • Volunteer
  • Subscribe
  • Letter submission
    • Submissions Policy
  • Contact Us
The Online Citizen Asia
  • Opinion
    • Editorial
    • Commentaries
    • Letters
    • Comments
  • Current Affairs
    • Singapore
    • Malaysia
    • Indonesia
    • China
    • ASEAN
    • Asia
    • International
  • Finance
    • Economics
    • Labour
    • Property
    • Business
  • Community
    • Arts & Culture
    • Consumer Watch
    • NGO
    • Lifestyle
    • Travel
  • Politics
    • Civil Society
    • Parliament
    • Transport
    • Education
    • Environment
    • Health
    • Housing
  • Law & Order
    • Legislation
    • Court Cases
No Result
View All Result
  • Opinion
    • Editorial
    • Commentaries
    • Letters
    • Comments
  • Current Affairs
    • Singapore
    • Malaysia
    • Indonesia
    • China
    • ASEAN
    • Asia
    • International
  • Finance
    • Economics
    • Labour
    • Property
    • Business
  • Community
    • Arts & Culture
    • Consumer Watch
    • NGO
    • Lifestyle
    • Travel
  • Politics
    • Civil Society
    • Parliament
    • Transport
    • Education
    • Environment
    • Health
    • Housing
  • Law & Order
    • Legislation
    • Court Cases
No Result
View All Result
The Online Citizen Asia
No Result
View All Result

Personally identifiable information from 129,000 accounts and 23 enterprises affected in Singtel data privacy breach

Significant part of leaked data comprise 'non-sensitive' information such as emails, says company

by The Online Citizen
17/02/2021
in Business, Tech
Reading Time: 4 mins read
7
Personally identifiable information from 129,000 accounts and 23 enterprises affected in Singtel data privacy breach

Source: Nikkei Asia Review

Personally identifiable information from 129,000 individual accounts and 23 enterprises was affected by a recent data privacy breach involving telecommunications conglomerate Singtel.

The data taken includes consumer information containing varying combinations of personally identifiable information, said the company on Wednesday (17 Feb).

The enterprises include suppliers, partners and corporate customers.

Singtel said that a “large part” of the leaked data comprises the company’s internal information that is classified as non-sensitive such as data logs, test data, reports and emails.

Singtel said that it has completed initial investigations into the said breach, which took place in a third-party file-sharing system, adding that it has begun reaching out to affected stakeholders.

List of data affected by the recent Singtel data breach. Source: Singtel

Based on investigations and analysis conducted so far with the help of cybersecurity experts, the company has established which files on the Accellion FTA system were accessed illegally during the breach and which stakeholders have been impacted.

Accellion FTA, said Singtel, was the target of a sophisticated cyber-attack exploiting a previously unknown vulnerability.

When first alerted to exploits against the system last December, Singtel promptly applied a series of patches provided by Accellion to plug the vulnerability, the last patch being 27 December.

On 23 January this year, Accellion advised that a new vulnerability had emerged that rendered patches previously applied in December ineffective. Singtel immediately took the system offline.

On 30 January, Singtel’s attempt to patch the new vulnerability in the FTA system triggered an anomaly alert.

Accellion informed thereafter that the system could have been breached.

Singtel’s investigations later confirmed this and identified 20 January as the date the breach occurred.

The FTA system has been kept offline since 23 January. On 9 February, Singtel established that files were taken as a result of the breach and informed the public two days later on 11 February.

Singtel said that it has begun notifying all affected individuals and enterprises to help them and their staff manage the possible risks involved and take appropriate follow-up action.

“We are also appointing a global data and information service provider, to provide identity monitoring services at no cost to affected customers to help them manage potential risks. This service monitors public websites and non-public places on the internet, and notifies users of any unusual activity related to their personal information,” said the company.

Singtel’s Group CEO Yuen Kuan Moon on Wednesday apologised for the data privacy breach.

“While this data theft was committed by unknown parties, I’m very sorry this has happened to our customers and apologise unreservedly to everyone impacted. Data privacy is paramount, we have disappointed our stakeholders and not met the standards we have set for ourselves,” he said.

“Given the complexity and sensitivity of our investigations, we are being as transparent as possible and providing information that is accurate to the best of our knowledge. We are doing our level best to keep our customers supported in mitigating the potential risks,” Mr Yuen added.

Mr Yuen also thanked Singtel’s customers and partners for their patience and understanding as the company continues its cyber and criminal investigations to understand the full extent of the breach.

Singtel’s core operations and functions, he said, “remain unaffected and sound”, particularly as the incident “involves a standalone system provided by a third-party vendor”.

“Information security remains our highest priority and you have my commitment that we are conducting a thorough review of our systems and processes to strengthen them,” Mr Yuen assured.

In November last year, Parliament passed changes to the Personal Data Protection Act (PDPA) that will enable authorities to put in place heavier financial penalties against companies for data breaches.

With the introduction of the changes, large firms — those with an annual turnover of over S$10 million — can be fined 10 per cent of its annual turnover in Singapore or S$1 million, whichever is higher.

The enhanced PDPA also requires organisations to notify the Personal Data Protection Commission (PDPC) affected individuals if there is a possibility that the data breach will cause significant harm, or if 500 or more individuals are affected by the said breach.

Individuals tasked with handling or controlling personal data may also be prosecuted for mishandling or re-identifying anonymised information without authorisation.

If found guilty, individuals may be punished with a fine of S$5,000, or up to two years’ jail, or both.

Communications and Information Minister S. Iswaran said during the debate on the amendments that “the PDPC will ensure that financial penalties imposed are proportionate to the severity of the data breach”.

He noted that the increase in fines against companies found guilty of data breaches will come into effect only a year after the amended Act comes into force.

For just US$7.50 a month, sign up as a subscriber on The Online Citizen Asia (and enjoy ads-free experience on our site) to support our mission to transform TOC into an alternative mainstream press.

Related Posts

Singapore warns slower economic growth in 2023
Labour

Less than 1 in 10 jobs created in first three quarters of 2022 went to Singaporeans?

28/01/2023
Peru Congress rejects president’s plan for early elections
AFP

Peru Congress rejects president’s plan for early elections

28/01/2023
UMNO purging members as it sacks former health minister Khairy and suspended ex-defence minister Hishammuddin
Malaysia

UMNO purging members as it sacks former health minister Khairy and suspended ex-defence minister Hishammuddin

28/01/2023
WHO panel in talks on COVID emergency status
AFP

WHO panel in talks on COVID emergency status

27/01/2023
AFP

Two years after Myanmar coup, UN says situation ‘catastrophic’

27/01/2023
Grab driver supposedly earned $5,227.82 in a week prior CNY, netizens voice worries over his health
Community

Grab driver supposedly earned $5,227.82 in a week prior CNY, netizens voice worries over his health

27/01/2023
Subscribe
Connect withD
Login
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
DisagreeAgree
Notify of
Connect withD
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
DisagreeAgree
7 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments

Latest posts

Singapore warns slower economic growth in 2023

Less than 1 in 10 jobs created in first three quarters of 2022 went to Singaporeans?

28/01/2023
Peru Congress rejects president’s plan for early elections

Peru Congress rejects president’s plan for early elections

28/01/2023
UMNO purging members as it sacks former health minister Khairy and suspended ex-defence minister Hishammuddin

UMNO purging members as it sacks former health minister Khairy and suspended ex-defence minister Hishammuddin

28/01/2023
WHO panel in talks on COVID emergency status

WHO panel in talks on COVID emergency status

27/01/2023

Two years after Myanmar coup, UN says situation ‘catastrophic’

27/01/2023
Grab driver supposedly earned $5,227.82 in a week prior CNY, netizens voice worries over his health

Grab driver supposedly earned $5,227.82 in a week prior CNY, netizens voice worries over his health

27/01/2023
Philippines to appeal ICC resumption of drug war probe

ICC grants new inquiry into Manila’s deadly ‘war on drugs’

27/01/2023
Minister refutes claims of Malaysia consulting Singapore on housing policy due to its inefficient civil service

Minister refutes claims of Malaysia consulting Singapore on housing policy due to its inefficient civil service

27/01/2023

Trending posts

Two Indian nationals paid about S$330 and S$730 respectively for forged certificates submitted in their S-Pass application

MOM found issuing EPs meant for foreign PMETs to PRC waitress and general worker

by Correspondent
26/01/2023
36

...

Earning only S$400 a month, delivery-rider turned hawker threw in the towel after two years of running a rojak stall

Earning only S$400 a month, delivery-rider turned hawker threw in the towel after two years of running a rojak stall

by Yee Loon
26/01/2023
24

...

Ho Ching breaks silence over Temasek’s write down of its US$275 million investment in FTX, says it “can afford to be contrarian”

US regulator questions VCs’ due diligence work prior to investing in FTX; Ho Ching says Temasek can afford to be contrarian

by The Online Citizen
24/01/2023
28

...

Indian rupee falls 60% since signing of CECA while Singapore becomes top investor in India

by Correspondent
25/01/2023
55

...

Temasek and GIC reportedly in talks with Adani Group accused of “brazen” market manipulation and accounting fraud

Temasek and GIC reportedly in talks with Adani Group accused of “brazen” market manipulation and accounting fraud

by The Online Citizen
26/01/2023
46

...

Personally identifiable information from 129,000 accounts and 23 enterprises affected in Singtel data privacy breach

Personally identifiable information from 129,000 accounts and 23 enterprises affected in Singtel data privacy breach

by The Online Citizen
17/02/2021
7

...

February 2021
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
« Jan   Mar »
  • About Us
  • Subscribe
  • Letter submission
  • Contact Us

© 2006 - 2021 The Online Citizen

No Result
View All Result
  • Opinion
    • Editorial
    • Commentaries
    • Comments
  • Current Affairs
    • Malaysia
    • Indonesia
    • China
    • ASEAN
    • Asia
    • International
  • Finance
    • Economics
    • Labour
    • Property
    • Business
  • Community
    • Civil Society
    • Arts & Culture
    • Consumer Watch
    • NGO
  • Politics
    • Parliament
    • Transport
    • Education
    • Environment
    • Health
    • Housing
  • Law & Order
    • Legislation
    • Court Cases
  • Lifestyle
    • Travel
  • Subscribers login

© 2006 - 2021 The Online Citizen

wpDiscuz