Singapore telecom StarHub says it is taking a series of actions to counter any harm from customers’ private information being on a data dump website.
Though the data appears to be historic, the company stressed it is treating the incident seriously and has:
- established an incident management team to assess and contain the situation;
- hired a team of digital forensic and cyber security experts to investigate;
- attempted to have the leaked document removed from the third-parry data dump site; and
- reviewed existing security measures to protect core infrastructure and systems.
The data breach was discovered on 6 July by StarHub’s cyber security team during online surveillance.
The illegally uploaded file appears to be around 14 years old as it contains identity card numbers, mobile numbers and email addresses belonging to 57,191 customers who had subscribed to the company’s services before 2007.
“No credit card or bank account information is at risk and no StarHub information systems or customer database are compromised. At this time, there is no indication that any data in this document has been maliciously misused,” the company added.
CEO Nikhil Eapen said: “Data security and customer privacy are serious matters for StarHub, and I apologise for the concern this incident may be causing our affected customers.”
That includes emailing them and helping safeguard their identity and personal information by offering them a free credit monitoring service for six months.
He also said: “We have made substantial cyber security investments over the years, shoring up our cyber defences, and we will continue to stay vigilant in safeguarding our infrastructure and IT systems against cyber threats.
“We also work closely with the regulators on an integrated cyber posture that protects not only StarHub but our retail and enterprise customers as well.”