Sg: Software firm fined $74k for data breach caused by weak password; half a million users affected

Ang Qing reports from Singapore:

A company running online language lessons for children around the world used a password based on its website name, LingoAce, making it vulnerable to the data breach that resulted.

More than half a million users were affected. Among personal data compromised were the cellphone numbers, bank account numbers, signatures and Chinese nationals’ identity card numbers.

Singapore-based firm PPLingo was fined $74,000, according to a Personal Data Protection Commission (PDPC) judgment released on May 23. It runs online Chinese and English language classes for children aged four to 15.

Two suspected Scattered Spider hackers plead not guilty over Transport for London cyberattack
Fired techie admits sabotaging ex-employer, causing $862K in damage
Threat actors have reportedly launched yet another campaign involving an application connected to Salesforce
Russian hackers target IVF clinics across UK used by thousands of couples
US, allies sanction Russian bulletproof hosting services for ransomware support
Researchers claim 'largest leak ever' after uncovering WhatsApp enumeration flaw

Related: