MyRepublic Singapore has disclosed a knowledge breach exposing the non-public info of roughly 80,000 cell subscribers.
MyRepublic an Asia-Pacific telecommunications provider and Web service supplier with operations in Singapore, New Zealand, and Australia.
Yesterday, MyRepublic Singapore started emailing information breach notifications disclosing that clients’ private info was uncovered after an unauthorized individual gained entry to a third-party information storage platform.
MyRepublic states that the information storage has since been secured, however not earlier than an unauthorized individual had accessed the information of 79,388 cell subscribers based mostly in Singapore.
The uncovered information embrace identification verification paperwork for functions for cell providers, together with:
- For affected Singapore residents, everlasting residents, and employment and dependent cross holders — scanned copies of either side of NRICs;
- For affected foreigners — proof of residential tackle paperwork e.g., scanned copies of a utility invoice; and
- For affected clients porting an present cell service — identify and cell quantity.
There isn’t any indication that account or fee info was accessed as a part of this incident.
Whereas the storage platform has not been disclosed, it’s probably an incorrectly secured storage bucket based mostly on the sorts of recordsdata that have been uncovered.
MyRepublic says that they’ve reported the incident to Singapore’s Infocomm Media Improvement Authority and the Private Information Safety Fee and can work with them to analyze the safety incident.
The cell provider can also be working with KPMG in Singapore to analyze and resolve the incident.
For these affected by this information breach, MyRepublic a complimentary credit score monitoring service by way of Credit score Bureau Singapore (CBS).
What ought to affected clients do?
Whereas no monetary or account info, reminiscent of electronic mail addresses and login names, have been uncovered, different delicate info was accessed that might permit identification theft.
Utilizing stolen utility payments and Nationwide Registration Id Playing cards (NRICs), it could be potential for risk actors to open accounts or obtain credit score below an uncovered buyer’s identify.
Subsequently, all affected clients should monitor their credit score stories to make sure fraudulent accounts will not be created with their identification.
Clients whose cell numbers have been uncovered must also search for SMS texts trying to steal additional delicate info.
Thx to Douglas Mun for the tip!