Personal data of StarHub’s customers, including email address and mobile numbers, has been leaked online. The telco assured that its systems and databases were not breached.
StarHub Ltd is one of the three major telecommunications company Singapore. Besides broadband and mobile, the telco also offers pay TV services in the country.
The breach, which was discovered by StarHub’s cybersecurity team during “proactive online surveillance” on July 6, StarHub said in a breach announcement on Friday.
The company immediately reported the breach to relevant authorities. It took the telco some time to investigate the incident and reach out to its customers to inform them about the matter.
According to StarHub, the company’s data was leaked online on a third-party data dump site. The company noted that the information obtained by hackers appeared to date back to 2007. All affected customers were from its consumer business.
The dumped file contained the details of almost 60,000 StarHub customers from before 2007. It also included their email addresses, mobile numbers, and identity card numbers.
StarHub would not provide details about the nature of the breach or the cause of the issue and would not provide details regarding the number of its customers affected by the incident. The spokesperson also declined to discuss due to “security considerations” how often the company carried out online surveillance, but only said it conducted such activities “regularly.”
No credit card or bank account details of its customers were reportedly leaked, and the company noted that there was no indication that the leaked data was maliciously used.
The company said it was working with experts to investigate the incident. It had started notifying affected customers and offering them six months of free credit monitoring through a third party agency. The service is designed to prevent unauthorized use of their data.
StarHub said it would issue a notification to all affected customers via email. It is offering six months of free credit monitoring through Credit Bureau Singapore.
StarHub has apologized for the incident and noted that it would be transparent about the matter.
“Data security and customer privacy are serious matters for StarHub, and I apologise for the concern this incident may be causing our affected customers. We will be transparent and will keep our customers updated,” StarHub CEO Nikhil Eapen said in the statement.
“We are actively reviewing current protection measures and controls in order to implement and accelerate long-term security improvements,” Eapen said.