Zhao Yifan reports a follow-up to an incident previously noted on this site.
Ecommerce Enablers, which operates the online shopping service platform ShopBack, was fined S$74,400 for its failure to safeguard users’ personal data.
The data breach incident happened on Sep 9, 2020 when a malicious threat actor accessed Ecommerce Enablers’ storage server with a key inadvertently leaked by a senior member of the company’s software engineering team.
The threat actor then proceeded to extract close to 1.5 million email addresses, 840,210 names, 447,076 mobile numbers, 299,381 bank account numbers. There were also misappropriation of 378,531 instances of credit card information including partial credit card numbers and expiry dates.
Read more at The Business Times.
Related: The Commissioner’s decision.