Singtel said it recently faced breach on a third-party file sharing system — Accellion FTA system — and has begun reaching out to affected stakeholders.
Singtel’s press statement said the company has established which files on the Accellion FTA system were accessed illegally during the breach and which stakeholders have been impacted.

Hackers accessed personally identifiable Information of 129,000 customers containing NRIC and some combination of the following information: name, date of birth, mobile number, address; Bank account details of 28 former Singtel employees; Credit card details of 45 staff of a corporate customer with Singtel mobile lines and some information from 23 enterprises.

23 enterprises have also been impacted. These include suppliers, partners and corporate customers. A large part of the leaked data includes Singtel’s internal information that is non-sensitive such as data logs, test data, reports and emails. Singtel has begun notifying all affected individuals and enterprises to help them and their staff manage the possible risks involved and take appropriate follow-up action.

“While this data theft was committed by unknown parties, I’m very sorry this has happened to our customers and apologise unreservedly to everyone impacted. Data privacy is paramount, we have disappointed our stakeholders and not met the standards we have set for ourselves,” said Singtel’s Group CEO Yuen Kuan Moon.

“Given the complexity and sensitivity of our investigations, we are being as transparent as possible and providing information that is accurate to the best of our knowledge. We are doing our level best to keep our customers supported in mitigating the potential risks.”

Singtel is also appointing a global data and information service provider, to provide identity monitoring services at no cost to affected customers to help them manage potential risks. This service monitors public websites and non-public places on the internet, and notifies users of any unusual activity related to their personal information.

Accellion FTA which Singtel used as a third-party file sharing system was the target of a sophisticated cyber attack exploiting a previously unknown vulnerability. When first alerted to exploits against the system last December, Singtel applied a series of patches provided by Accellion to plug the vulnerability, the last patch being 27 December.

On 23 January this year, Accellion advised that a new vulnerability had emerged that rendered patches previously applied in December ineffective. Singtel immediately took the system offline.

On 30 January, Singtel’s attempt to patch the new vulnerability in the FTA system triggered an anomaly alert. Accellion informed thereafter that the system could have been breached.

Singtel’s investigations later confirmed this and identified 20 January as the date the breach occurred. The FTA system has been kept offline since 23 January. On 9 February, Singtel established that files were taken as a result of the breach and informed the public two days later on 11 February.