A total of 1,560 IDs and passwords of SingPass users have potentially been accessed without the user's permission, said the Infocomm Development Authority in a media release on Wednesday.
IDA, the regulatory infocom body in Singapore, filed a police report on Tuesday after they were notified by the SingPass operator CrimsonLogic a day earlier, saying that a number of users have received Password Reset Notification letters even though they had not requested for any password reset. Police investigations are ongoing.
Based on early investigations, IDA said an "anomaly was detected between the number of mobile numbers used for Immediate Reset One Time Passwords and the number of SingPass accounts that they were tied to".
Out of the 1,560 users accounts that were potentially accessed, 419 of them had their passwords reset, triggering the password reset notification letters to be sent to the registered email addresses.
IDA is currently in the process of notifying all of the affected users regarding this incident.
Based on checks, IDA said there is no evidence of the SingPass system being compromised.
IDA's managing director Jacqueline Poh urged users to use strong passwords to access not only SingPass but all other e-Services they subscribe to.
"Strong passwords contain a combination of numerical figures, capital letters and are at least eight characters long. Users should also install anti-virus software and update all their software regularly," she said.
IDA said the government "takes cyber security very seriously" and that "the protection of personal data and the delivery of secure e-Services are critical".
https://sg.news.yahoo.com/over-1-500-singpass-accounts-hacked--ida-153558211.html
Tidak ada komentar:
Posting Komentar