The personal data of more than 57,000 StarHub customers has been exposed in a data breach disclosed by the Singaporean telco.
StarHub’s cybersecurity team discovered the data on July 6 in a file that had been “illegally uploaded” to “a third-party data dump website”, according to a data breach alert published by StarHub on Friday (August 6).
The data file in question comprised “identity card numbers, mobile numbers, and email addresses belonging to 57,191 individual customers who had subscribed to StarHub services before 2007,” said StarHub.
The company emphasized that “no credit card or bank account information is at risk”.
StarHub added that “there is no indication that any data in this document has been maliciously misused”.
The telco – one of three major Singaporean telecommunications providers along with Singtel and M1 – said its IT systems and databases had not been compromised.
Incident response
Upon finding the file, StarHub said it “activated an incident management team” and “attempted to have the document removed from the data dump site”.
It was also “working closely with cybersecurity experts and the relevant authorities”, and reviewing “existing security measures to protect core infrastructure and systems”.
Victims are being notified via email and being offered six months of complimentary credit monitoring, a process StarHub said it expected to conclude within 14 days.
“Data security and customer privacy are serious matters for StarHub, and I apologise for the concern this incident may be causing our affected customers,” said StarHub CEO Nikhil Eapen.
“We have made substantial cybersecurity investments over the years, shoring up our cyber defences, and we will continue to stay vigilant in safeguarding our infrastructure and IT systems against cyber threats.”
He added: “We assure our customers that StarHub will continue to take all protection measures to ensure their information is safe with us.”
News of the data leak follow’s last month’s announcement by StarHub that it was giving away two-year rentals of its StarHub TV+ Box media player worth S$120 (US$88) to customers who hand in pirated set-top boxes.
The Daily Swig has contacted StarHub for further comment. We will update the article if and when they do so.
