Hackers have hit Singapore once more, reportedly breaching telecommunications provider MyRepublic and gaining access to the personal data of some 79,400 mobile subscribers. The company reported the cyber incident on Friday, 10th of September, 2021 and is now reviewing its systems to prevent similar breaches in the future.
“I reiterate that MyRepublic takes what has happened seriously. Like many customers, I am deeply disappointed, and I have been working directly with our IT and network teams as well as a team of external expert advisers to resolve the incident,” said Malcolm Rodrigues, CEO at My Republic. “We are also reviewing all our systems and processes, both internal and external, to ensure an incident like this does not occur again."
Vital Documents Breached, Serious Consequences Possible
According to MyRepublic, the hackers gained access to verification documents required for mobile service applications. Most notable among these documents are scanned National Registration Identity Cards (NRIC) of both Singaporeans and permanent residents, as they bear the owner’s name, home address and date of birth. Critically, the NRIC contains a designated number that one can use to access official sites, like government portals.
Additionally, personal data of employment, dependent pass holders and scanned copies of utility bills that contain the residential address of foreigners were also breached. The names and mobile numbers of existing mobile service customers were also accessed in the breach according to MyRepublic.
Nevertheless, MyRepublic clarified that the hackers were unable to compromise its systems, thus leaving no operational impact on the company. In other words, it has been business as usual for MyRepublic even as it deals with the fallout of this breach.
Even so, the breach can have serious ramifications for those whose records were stolen, with the affected customers likely to be hit by either phishing attempts or mobile spamming (or both) in the future. Worse, they can even have their identities stolen entirely, leading to even more serious consequences.
“I would expect some impersonation attacks and identity thefts that could lead to a victim’s accounts for services being taken over,” said Dr Stas Protassov, Technology President at cybersecurity firm Acronis. “No stolen data goes to waste these days. If the immediate threat actors can’t profit from your data, they will sell it to someone who can.”
Telcos Are a Prime Target
This latest cyber incident should not come as a surprise. Cyber-crooks are increasingly targeting the information, telecommunication and technology sector, whose role in people’s everyday lives has only grown during the pandemic and will increase even more moving forward.
“The Infocomm and technology sector has always been critical to our lives but over the past year its significance has increased dramatically as Singapore fights against the pandemic, and we all become heavily reliant on our mobile devices,” said Sumit Bansal, Managing Director of ASEAN and Korea at Sophos. “Sadly, this hasn’t stopped cybercriminals targeting the sector. We regularly see telecommunications as one of the top sectors prone to cyber attacks as personal details such as home addresses and identification records are highly prized by cybercriminals, so the warning signs are definitely there.”
Bansal added: “While root causes of the attack on MyRepublic are still unclear, it serves as another reminder for the industry to improve its cyber resilience by investing in cybersecurity infrastructure to thwart attacks as well as cyber-awareness training for all employees.”
A Worrying Trend
Companies in the Infocomm and technology sector, though, are not the only ones who need to start investing heavily in their cybersecurity infrastructure. Organisations across all industries will have to do the same, given the increasing frequency of cyber attacks, especially in Singapore.
In fact, in the three months after the Singapore Computer Emergency Response Team issued an advisory against ransomware, three Singaporean companies got hit by a ransomware attack: Eye & Retina Surgeons (ERS), Tokio Marine Insurance Singapore (TMiS) and Pine Labs.
Sanjeev Kumar, Chief Technology Officer at Pine Labs, has vehemently denied that the company has been victimised by ransomware, even as Cyble, a cyberthreat intelligence company, found evidence to the contrary. TMiS, on the other hand, issued, on the 16th of August, a statement admitting that the company was hit by a ransomware attack on the 31st of July. The Ministry of Health did the same, admitting through a press release on the 25th of August that the ERS was attacked as well on the 6th of August.
Another notable cyber incident in the past three months is the breach in telco provider StarHub, whose cybersecurity team discovered, on the 6th of July, a data breach involving identity card numbers, mobile numbers and e-mail addresses of 57,191 of the company’s customers. Worse, this information has reportedly been leaked online already.
MyRepublic first found out about the breach on the 29th of August and has since then secured access to the third-party data storage platform that was breached. The company has also activated its cyber-incident team that includes cybersecurity experts from third-party sources.
Additionally, MyRepublic has, in accordance with Singaporean laws, informed both the Infocomm Media Development Authority and the Personal Data Protection Commission of the breach. It has also started contacting affected customers and is vowing to get to resolve the problem as quickly as possible.