Continue reading this on our app for a better experience

Open in App
Home News Cybersecurity

Singtel vendor data breach results in 129,000 customers' data compromised

The Edge Singapore
The Edge Singapore2/17/2021 09:03 PM GMT+08  • 3 min read
Singtel vendor data breach results in 129,000 customers' data compromised
Group CEO Yuen says that Singtel’s own core operations and functions remain unaffected and sound.
Font Resizer
Share to WhatsappShare to FacebookShare to LinkedInMore Share
Scroll to top
Follow us on Facebook and join our Telegram channel for the latest updates.

A data breach at a Singtel vendor, has resulted in the leak of personal data of some 129,000 customers. Certain information of 23 businesses linked to Singtel, including suppliers and partners, were also compromised, said Singtel upon completion of its initial probe of this incident.

Singtel knew of the hacking attempts on the file sharing system of its vendor, Accellion, last December. In response, a series of “patches” were applied including the last one on Dec 27.

Yet, on Jan 23, Accellion, a privately-held, California-based cloud solutions provider, said a new vulnerability was found and that previous patches were of no use. Singtel took the system offline immediately.

On 30 January, Singtel’s attempt to patch the new vulnerability in the file sharing system triggered an anomaly alert. Accellion informed thereafter that the system could have been breached.

Singtel’s investigations later confirmed this and identified January 20 as the date the breach occurred. The file sharing system has been kept offline since January 23.

On 9 February, Singtel established that files were taken as a result of the breach and informed the public two days later on February 11.

SEE: Bharti Airtel board approves 20% acquisition in Bharti Telemedia

According to Singtel, which has started informing affected parties, bank account details of 28 former Singtel employees and credit card details of 45 staff of a corporate customer with Singtel mobile lines are also affected.

A large part of the leaked data includes Singtel’s internal information such as data logs, test data, reports and emails.

“While this data theft was committed by unknown parties, I’m very sorry this has happened to our customers and apologise unreservedly to everyone impacted," said Singtel’s group CEO Yuen Kuan Moon.

"Data privacy is paramount, we have disappointed our stakeholders and not met the standards we have set for ourselves,” he said.

“Given the complexity and sensitivity of our investigations, we are being as transparent as possible and providing information that is accurate to the best of our knowledge. We are doing our level best to keep our customers supported in mitigating the potential risks," he added.

Yuen stresses that Singtel’s own core operations and functions remain unaffected and sound and this incident involves a standalone system provided by a third-party vendor.

“Information security remains our highest priority and you have my commitment that we are conducting a thorough review of our systems and processes to strengthen them,” he added.

Singtel shares closed Feb 17 at $2.40, down two cents.

Loading next article...
The Edge Singapore
Download The Edge Singapore App
Google playApple store play
Keep updated
Follow our social media
Subscribe to The Edge Singapore
Get credible investing ideas from our in-depth stock analysis, interviews with key executives, corporate movements coverage and their impact on the market.
© 2022 The Edge Publishing Pte Ltd. All rights reserved.