October 02, 2020
ShopBack, Razer, Grab Have Faced Data Breaches – How Can S’pore Step Up Cybersecurity?
Startups grow and expand their operations, fuelled by investor funding and government support.
However, as they scale up, more consumer data gets processed by them and cybersecurity issues creep in.
In recent months, several companies in Singapore, such as ShopBack and RedDoorz, have been the recent target of data breaches.
For online cashback platform ShopBack, the team was alerted to "unauthorised access" of its systems containing customers' personal data "a few days ago" and initiated an investigation.
In an email to its customers on Friday (25 Sep), maxisys elite
. ShopBack said it was still confirming what data had been compromised.
ShopBack also mentioned that they do not store customers' credit card numbers and that CVV and account passwords are encrypted, but suggested that users change them as an "added precautionary measure".
Other than ShopBack, hospitality startup RedDoorz also acknowledged on Saturday (26 Sep) that one of its IT databases suffered a breach earlier this week.
In a statement, it assured that "for now", no sensitive data pertaining to financial information such as customer credit cards or passwords, was compromised "to the best of its knowledge".
For Grab, a 2019 update put the data of some 21,541 GrabHitch drivers and passengers at risk of unauthorised access in what was their fourth breach of data privacy regulations over a course of two years.
On the other hand, earlier this month, the data of 100,000 Razer customers around the world too had been at risk of being accessed by the public due to a misconfigured server.
The data breach was discovered by cyber-security consultant Volodymyr Diachenko who said the server was misconfigured for public access since 18 August. He immediately notified the company via their support channel.
However, his message was processed by non-technical support managers for more than three weeks until the data was secured from public access.
Razer has not confirmed the number of customers affected nor officially released an explanation on it.
This spate of data breaches raises the question: are we not prioritising cybersecurity enough?
According to a Cyber Security Agency survey, more than a quarter of Singapore's residents suffered at least one cybersecurity lapse in the past year.
The most common cyber incidents encountered include unauthorised attempts to access online accounts (14 per cent), and the usage of online accounts to contact others without consent (10 per cent).
Other types of cyber incidents involve changing the settings of their computers without consent (9 per cent) and having their personal data stolen as a result of a cyber incident (8 per cent).
As phishing remained a popular way for cyber attackers to target victims, the 2019 survey also included a new section to study respondents' understanding of phishing.
Phishing is a technique that hackers use to con you into providing your personal information or account data. Phishing emails and text messages may look like they are from a company you know or trust.
Although 66 per cent of respondents knew what phishing was, only 4 per cent could identify all the phishing emails correctly.
The survey also found out that the proportion of respondents who installed security applications in their mobile devices saw only a slight increase from 45 per cent in 2018 to 47 per cent in 2019.
This is despite 85 per cent of them indicating they understood the risks of not having these security apps, and 64 per cent saying they knew how to use them.
There are a couple of ways to check if your personal information has been compromised.
For one, if you are using the Google Chrome web browser, you can use the Passwords feature to check if any of your passwords has been compromised.
Under Settings, go to Passwords. Under Passwords, go to Check Passwords. A list of saved passwords on your browser will show up. If your password has been compromised, it will show. Otherwise, you are all good.
Another way is to run a free data breach report from F-Secure Identity Theft Checker by cyber security company F-Secure.
When you enter your email...
However, as they scale up, more consumer data gets processed by them and cybersecurity issues creep in.
In recent months, several companies in Singapore, such as ShopBack and RedDoorz, have been the recent target of data breaches.
For online cashback platform ShopBack, the team was alerted to "unauthorised access" of its systems containing customers' personal data "a few days ago" and initiated an investigation.
In an email to its customers on Friday (25 Sep), maxisys elite
. ShopBack said it was still confirming what data had been compromised.
ShopBack also mentioned that they do not store customers' credit card numbers and that CVV and account passwords are encrypted, but suggested that users change them as an "added precautionary measure".
Other than ShopBack, hospitality startup RedDoorz also acknowledged on Saturday (26 Sep) that one of its IT databases suffered a breach earlier this week.
In a statement, it assured that "for now", no sensitive data pertaining to financial information such as customer credit cards or passwords, was compromised "to the best of its knowledge".
For Grab, a 2019 update put the data of some 21,541 GrabHitch drivers and passengers at risk of unauthorised access in what was their fourth breach of data privacy regulations over a course of two years.
On the other hand, earlier this month, the data of 100,000 Razer customers around the world too had been at risk of being accessed by the public due to a misconfigured server.
The data breach was discovered by cyber-security consultant Volodymyr Diachenko who said the server was misconfigured for public access since 18 August. He immediately notified the company via their support channel.
However, his message was processed by non-technical support managers for more than three weeks until the data was secured from public access.
Razer has not confirmed the number of customers affected nor officially released an explanation on it.
This spate of data breaches raises the question: are we not prioritising cybersecurity enough?
According to a Cyber Security Agency survey, more than a quarter of Singapore's residents suffered at least one cybersecurity lapse in the past year.
The most common cyber incidents encountered include unauthorised attempts to access online accounts (14 per cent), and the usage of online accounts to contact others without consent (10 per cent).
Other types of cyber incidents involve changing the settings of their computers without consent (9 per cent) and having their personal data stolen as a result of a cyber incident (8 per cent).
As phishing remained a popular way for cyber attackers to target victims, the 2019 survey also included a new section to study respondents' understanding of phishing.
Phishing is a technique that hackers use to con you into providing your personal information or account data. Phishing emails and text messages may look like they are from a company you know or trust.
Although 66 per cent of respondents knew what phishing was, only 4 per cent could identify all the phishing emails correctly.
The survey also found out that the proportion of respondents who installed security applications in their mobile devices saw only a slight increase from 45 per cent in 2018 to 47 per cent in 2019.
This is despite 85 per cent of them indicating they understood the risks of not having these security apps, and 64 per cent saying they knew how to use them.
There are a couple of ways to check if your personal information has been compromised.
For one, if you are using the Google Chrome web browser, you can use the Passwords feature to check if any of your passwords has been compromised.
Under Settings, go to Passwords. Under Passwords, go to Check Passwords. A list of saved passwords on your browser will show up. If your password has been compromised, it will show. Otherwise, you are all good.
Another way is to run a free data breach report from F-Secure Identity Theft Checker by cyber security company F-Secure.
When you enter your email...
Posted by: autelds708 at
06:13 AM
| No Comments
| Add Comment
Post contains 688 words, total size 5 kb.
18kb generated in CPU 0.0091, elapsed 0.1636 seconds.
35 queries taking 0.158 seconds, 90 records returned.
Powered by Minx 1.1.6c-pink.
35 queries taking 0.158 seconds, 90 records returned.
Powered by Minx 1.1.6c-pink.
