Singaporean telco provider StarHub suffered a data breach that affected over 57,000, with customer information found on a dump site. Despite this, the company maintains that its system remains safe and free from data security incidents.
StarHub is a telecommunications company that offers mobile and broadband services to consumers in Singapore. Apart from this, the company also provides TV services in the country. ZD Net said that prior to disclosing the incident, StarHub revealed that its revenues reached SG486.7 million.
According to ZD Net, the data security breach has been first discovered last July 6, 2021, by a cybersecurity team. The team reportedly found the incident during a “proactive online surveillance.” The Straits Times said that the researchers discovered an illegally uploaded file dumped on a third-party website.
While the company discovered the incident last month, the telco provider only disclosed the incident to the public last Friday, August 6, 2021, via a statement on its website. StarHub said that they “have taken time to investigate the nature of the incident and assess the impact on affected customers,” thus the delay in notifying individuals.
The personal data leak of consumers affects customers that had subscribed to its services prior to 2007, reports The Straits Times.
Among those compromised in the incident include the email addresses and mobile numbers of customers. In addition, ZD Net states that the identity card numbers of customers have also been made vulnerable. In total, around 57,191 customers are affected by the data breach.
Based on its findings, StarHub maintains that users’ credit cards or bank account details were not included in the data security incident. Likewise, the company believes that “there is no indication that any data in this document has been maliciously misused.”
Following the incident, StarHub has taken the necessary precautions and certain actions to protect its customers. These actions include enlisting the help of an incident management team to assess the extent of the breach, as well as reaching out to relevant authorities and cybersecurity experts to notify them about the incident and for them to conduct a thorough investigation.
StarHub also mentioned in its press release on its website that it had taken steps to remove the file on the third-party dump website. However, it has not updated the public on its success in doing so.
Moreover, the company reveals that they have also reviewed their existing security measures and are finding more ways to protect its systems. The Singaporean telco provider has started notifying affected parties via email.