[BreachExchange] StarHub suffers data breach, but says no system was compromised

Fri Aug 6 11:37:40 EDT 2021

https://www.zdnet.com/article/starhub-suffers-data-breach-but-says-no-system-was-compromised/

StarHub says personal data of its customers, including email addresses and
mobile numbers, have been found on a dump site. The Singapore telco,
however, insists none of its customer database or data systems have been
breached.

The data breach was discovered during a "proactive online surveillance" on
July 6 by its cybersecurity team, StarHub said in a statement late-Friday
unveiling the breach.

On its website informing customers of the incident, the telco said it
needed "time" to investigate the incident and assess the impact before
confirming the breach publicly. The relevant authorities, however, were
informed of the breach.

According to its statement to local media, StarHub said an illegally
uploaded file containing the leaked data was found on a third-party data
dump website. It added that the information appeared to date back to 2007.

The file contained mobile numbers, email addresses, and identity card
numbers for 57,191 customers who had subscribed to StarHub's before 2007,
it said. Apart from broadband and mobile, the telco also offers pay TV
services in Singapore. All affected customers were from its consumer
business, according to its website.

When asked, a StarHub spokesperson would not say which of its customers
were impacted or whether they were still customers. She also declined to
reveal how often it conducted its online surveillance, citing security
considerations, saying only that the telco conducted such activities
"regularly".

She would not provide details when asked if the telco had determined the
cause of the breach, saying only that there currently were no indications
of compromise on its existing systems.

According to StarHub, no credit card or bank account details were breached,
and there currently were "no indication" the leaked data had been
"maliciously misused".

It also noted that none of the company's "information systems or customer
database" were compromised. On its website, it said its investigation into
the breach "verified the integrity of our network infrastructure".

The telco said an incident management team was assessing the breach and
digital forensic and cybersecurity consultants were investigating the
incident.

The telco said it had begun "progressively notifying" affected customers
via email and was offering six months of complimentary credit monitoring
services through Credit Bureau Singapore, to track if any data might be
used inappropriately. The service monitors subscribers' credit report and
notifies them of various predetermined activities, including when enquires
are made on their credit file and if status on default records are updated.

StarHub said it expected to take two weeks to notify all affected
customers. It also "attempted" to have the data file removed from the dump
site, but did not say if it succeeded in doing so.

StarHub CEO Nikhil Eapen said in the statement: "Data security and customer
privacy are serious matters for StarHub, and I apologise for the concern
this incident may be causing our affected customers. We will be transparent
and will keep our customers updated.

"We are actively reviewing current protection measures and controls in
order to implement and accelerate long-term security improvements," Eapen
said.

StarHub just yesterday announced its second quarter earnings, saying it
clocked a 7.3% year-on-year climb in revenue to SG$486.7 million ($360.26
million).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210806/a223af24/attachment.html>