A recent security report notes that the confidential information of more than 57,000 StarHub customers has been leaked in what appears to be a severe oversight by the Singapore-based telecommunications company. The company’s security teams discovered the data breach this weekend, when they found a file posted without the company’s authorization on a download website operated by third parties.
According to the StarHub report, the file in question stored various personally identifiable details, including identity card numbers, phone numbers and email addresses belonging to nearly 57,200 customers subscribed to some company service sometime before 2007.
StarHub mentions that so far there is no evidence that the leak includes payment card numbers or any other financial information of customers, in addition to ensuring that the compromised data has not been used for malicious purposes. This is one of the major telecommunications companies in Asia, so this is not a minor incident.
On the measures that have been taken in this regard, StarHub claims to have activated an incident management protocol immediately after this exposed file was found, asking the website operators to delete the file. The company also enabled a security protocol on its core systems.
In a statement, StarHub CEO Nikhil Eapen noted: “Data security and customer privacy are serious matters for StarHub. We apologize for the concern this incident may be causing our affected customers.” Affected users are already being notified via email. StarHub offered its customers a six-month, no-cost subscription to a credit monitoring and identity fraud protection service. Interested users will receive a resolution in a couple of weeks.
The executive added that StarHub has made substantial improvements to its technology infrastructure over the years: “We have strengthened our cyber defenses and will continue to implement the necessary measures to protect our computer systems against cybercriminals. We can assure our customers that StarHub will continue to work to ensure the security of their personal information.”
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.