Skip to main content

Advertisement

Advertisement

Data of 70,000 Sias members stolen in 2013

SINGAPORE — The personal particulars of about 70,000 members of the Securities Investors Association (Singapore) (Sias) were stolen five years ago, in a breach that was discovered only recently.

Data of 70,000 Sias members stolen in 2013
Follow us on Instagram and Tiktok, and join our Telegram channel for the latest updates.

SINGAPORE — The personal particulars of about 70,000 members of the Securities Investors Association (Singapore) (Sias) were stolen five years ago, in a breach that was discovered only recently.

Sias has sent an email to its members to inform them of the breach, which saw the data of the affected members illegally accessed and copied in 2013. The data included names, NRIC numbers and telephone numbers. However, the records were not amended or deleted.

When contacted, Sias president David Gerald said he was informed of the breach by the Cyber Security Agency of Singapore (CSA) on Wednesday (July 25) morning. He added that the association will take all measures necessary to protect the data. Members' database has also been taken offline, he added.

"We were also wondering why it took so long to find out. We've never suspected that we will fall prey, we had firewall in place and things like that, but evidently it was not enough," he said.

Ms Goh Yan Kim, deputy director of the Singapore Computer Emergency Response Team (SingCert), said the CSA received a tip-off email that the database with Sias members' personal information may have been compromised, but did not specify when it received the tip-off. She noted that the incident is not related to the massive cyber attack on healthcare group SingHealth, which was made public last Friday. 

Hackers stole the data of 1.5 million SingHealth patients and records of the outpatient medication given to Prime Minister Lee Hsien Loong during the week-long cyberattack attack from June 27 to July 4. The authorities said they would suspend the roll out of new information and communications technology systems while a security review of government systems is conducted.

As Sias is not a public sector agency or Critical Information Infrastructure, Ms Goh's team reached out to the association and asked it to verify the situation following the tip-off.

"We noted that Sias website has some vulnerabilities hackers could have exploited. We alerted Sias about technical issues in their website design so that they can take the necessary safeguards," added Ms Goh.

Ms Goh reminded companies to strengthen their cyber defence capabilities to protect their systems and customers. They may refer to the six essential cybersecurity measures for companies in the Be Safe Online handbook available on www.csa.gov.sg

 

Read more of the latest in

Advertisement

Popular

Advertisement

Stay in the know. Anytime. Anywhere.

Subscribe to get daily news updates, insights and must reads delivered straight to your inbox.

By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.