Approximately 24,000 customers of WhizComms, a broadband service provider, fell victim to a data breach where an external party gained unauthorized access to the company’s web server.
The breach, detected on April 21, involved the downloading of scanned images containing customers’ personal information, primarily consisting of NRICs (National Registration Identity Cards) required for broadband service registration. In addition to NRICs, some scanned images of work permits and visa approval documents were also obtained.
WhizComms promptly informed the affected individuals via email on May 10, disclosing the breach and the unauthorized access to their personal information. However, the company’s spokesperson emphasized that contact information and payment details remained secure, stating that a thorough investigation had been conducted, revealing no compromise beyond the information found on the NRICs and work permits.
While the stolen images of scanned NRICs may contain home addresses, the spokesperson clarified that the actual installation addresses for the broadband service were not compromised in the breach.
As soon as the breach was discovered during a customer database scan, WhizComms took immediate action to block further third-party access and reported the incident to the police.
Further details regarding the breach and ongoing investigations were not disclosed by the spokesperson, but the breach serves as a reminder of the importance of data security and the need for companies to implement robust measures to protect customer information.
