Posted on

Data breach: ShopBack, RedDoorz say sensitive consumer data not compromised

Shopback app

Singapore’s leading online cashback platform ShopBack and budget hotels aggregator RedDoors today said in separate statements that confidential consumer data was not compromised, even as the reports of data breach emerged early this week.

Singapore’s privacy watchdog, the Personal Data Protection Commission, have already launched an investigation into the incidents.

In an emailed statement, a RedDoorz spokesperson said: “Earlier this week, we became aware that one of our IT databases suffered a breach. For now, no sensitive data pertaining to financial information such as customer credit cards or passwords was compromised to the best of our knowledge.”

Also Read: The third world war may already be happening online. Here’s why you need better cybersecurity

“We are taking all the necessary steps to investigate this further and at the same time we are conducting a thorough review of all our IT systems and protection. Data privacy is something we take very seriously at RedDoorz and we have implemented the necessary security measures to ensure all our customers’ personal data remains secured,” the spokesperson added.

Separately, ShopBack admitted that it is currently confirming what data has been compromised. However, it has no reason to believe that any of its consumers’ personal data has been misused, even though the possibility still exists.

The company has already removed the unauthorised access and engaged cyber security specialists to assess the extent of the incident. Besides, it has tightened the monitoring of internal logs to ensure heightened detection of unauthorised access, if any were to occur.

“Apart from your email addresses (or alternative login IDs) and limited transactional information, ShopBack does not require you to provide information to us that is not related to our specific services or campaigns,” the company added.

Also Read: Cybersecurity threats on the rise as companies shift to the WFH model

The types of data that consumers may have provided include their name, contact information, gender, date of birth, and bank account numbers for those who cash out to their bank accounts.

ShopBack cautioned consumers who have provided their bank account numbers to be wary of potential phishing attacks.

Cyber incidents – including data breaches – rank as the most serious business risk globally, according to the Allianz Risk Barometer 2020. They are becoming more damaging, increasingly targeting large companies with sophisticated attacks and hefty extortion demands.

Southeast Asia has seen a rise in data breach incidents in the recent past.

In May, Indonesian unicorn Tokopedia reported that more than 15 million of its user accounts were compromised.

In June, e27 was hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick” that asked for a “donation” to provide information on the vulnerabilities they have exploited in the attack.

In December last year, personal data pertaining to 2,400 Ministry of Defence (Mindef) and Singapore Armed Forces (SAF) personnel was put at risk and could have been leaked.


Image Credit: ShopBack

The post Data breach: ShopBack, RedDoorz say sensitive consumer data not compromised appeared first on e27.