MyRepublic customers’ personal data accessed by hackers
MyRepublic, the mobile operator and ISP, informed about the hacking incident where the personal data of around 79,400 mobile subscribers were accessed. The stolen data includes identity verification documents linked to customer applications for mobile services.
MyRepublic Limited, launched in 2011, is a Singaporean communications services provider. It is the first Telecommunications Company all over the world that is driven by a proprietary cloud platform.
According to the company, the attacker may have gotten hold of data, including copies of both sides of the NRICs of Singaporeans and other permanent residents, along with personal data of employment and dependent pass holders.
What is worrisome is that the NRIC number is a doorway to access official sites. Moreover, the information mentioned on the NRIC includes name, DOB, and address.
In the case of non-nationals who are MyRepublic subscribers, the threat actor could have accessed documents such as utility bills that hold their residential addresses. Also, the names and mobile numbers of customers who ported an existing service were accessed.
The company, however, stated that there is no evidence of account or payment information impacted through the hack. It added that their systems were not victimized, and there was no effect on their services.
Technology president of cyber-security firm Acronis, Dr. Stas Protassov, pointed out that stealing personal information would have led to experiencing spam messages or phishing attempts by the customers. MyRepublic also offered all affected customers free credit monitoring service via the Credit Bureau Singapore. Through this, the bureau will analyze all the credit reports of customers and release an alert in case of any suspicious activity.
In Singapore, the maximum fine charged for a data breach is $1 million. But companies can be charged more depending on their turnover.
The MyRepublic attack is followed by data breaches faced by other mobile operators. Last month only, StarHub informed about the online leaking of personal information of around 57,200 customers.
There were also around three ransomware attacks last month. One impacted the data of about 73,500 patients of an eye clinic, which included names, addresses, ID card nos., contact information, and clinical details of patients.