Analysis & Insights

Media and Entertainment

Reward Portal Fined for Leaking National Servicemen’s Personal Data

4 - 11 June 2019

Cyber_News_Media

A vendor for Ministry of Defence (MINDEF) and the Ministry of Home Affairs (MHA) is fined S$4,000 after leaking the personal data of 426 National Servicemen (NSmen). The vendor was hosting a reward portal for NSmen and had deployed an erroneous script that sent redemption confirmation emails to users who have submitted a claim between 22 and 24 May 2018. The confirmation emails contained the log-in details, delivery address, email address and handphone numbers of the affected users. For failing to protect the personal data in its possession, the vendor could have been fined up to S$1 million.

References:

Vendor Fined S$4,000 for Coding Error that caused Disclosure of NSmen’s Personal Data

#Data Breach #Personal Data

More Weekly Cyber Newsanalysis and insights

Weekly Comments

SandboxEscaper has released a second proof-of-concept (PoC) to bypass CVE-2019-0841, a vulnerability that Microsoft has addressed

Debt Collection Agency Breach Puts 20 Million Patient Accounts at Risk

The breach at a major US debt collection agency, American Medical Collection Agency (AMCA), may expose the personal information of 20 million patients

Hackers Steals 19 Years’ Worth of Data from Top University

The Australian National University (ANU) discovers that a “sophisticated operator” has managed to access 19 years’ worth of personal data

Poor IT Security, Unpatched Vulnerability Cause Cathay Pacific Breach

The investigation report for the 2018 Cathay Pacific breach reveals that two separate hacking groups targeted the airline

Hawkball Backdoor Targets Governments in Central Asia

An unknown threat group is targeting the government sector in Central Asia with a new backdoor dubbed Hawkball

From Phish to Network Compromise in Two Hours

An investigation report of a May 2018 cyber attack on an East European bank reveals that the prolific Carbanak group

Media and Entertainment

Reward Portal Fined for Leaking National Servicemen’s Personal Data

4 - 11 June 2019

Cyber_News_Media

A vendor for Ministry of Defence (MINDEF) and the Ministry of Home Affairs (MHA) is fined S$4,000 after leaking the personal data of 426 National Servicemen (NSmen). The vendor was hosting a reward portal for NSmen and had deployed an erroneous script that sent redemption confirmation emails to users who have submitted a claim between 22 and 24 May 2018. The confirmation emails contained the log-in details, delivery address, email address and handphone numbers of the affected users. For failing to protect the personal data in its possession, the vendor could have been fined up to S$1 million.

References:

Vendor Fined S$4,000 for Coding Error that caused Disclosure of NSmen’s Personal Data

#Data Breach #Personal Data

More Weekly Cyber Newsanalysis and insights

Weekly Comments

SandboxEscaper has released a second proof-of-concept (PoC) to bypass CVE-2019-0841, a vulnerability that Microsoft has addressed

Debt Collection Agency Breach Puts 20 Million Patient Accounts at Risk

The breach at a major US debt collection agency, American Medical Collection Agency (AMCA), may expose the personal information of 20 million patients

Hackers Steals 19 Years’ Worth of Data from Top University

The Australian National University (ANU) discovers that a “sophisticated operator” has managed to access 19 years’ worth of personal data

Poor IT Security, Unpatched Vulnerability Cause Cathay Pacific Breach

The investigation report for the 2018 Cathay Pacific breach reveals that two separate hacking groups targeted the airline

Hawkball Backdoor Targets Governments in Central Asia

An unknown threat group is targeting the government sector in Central Asia with a new backdoor dubbed Hawkball

From Phish to Network Compromise in Two Hours

An investigation report of a May 2018 cyber attack on an East European bank reveals that the prolific Carbanak group