New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


StarHub Suffers Data Breach

StarHub says personal data of its customers, including email addresses and mobile numbers, have been found on a dump site. The Singapore telco, however, insists none of its customer database or data systems have been breached. The data breach was discovered during a “proactive online surveillance” on July 6 by its cybersecurity team, StarHub said in a statement late Friday unveiling the breach. On its website informing customers of the incident, the telco said it needed “time” to investigate the incident and assess the impact before confirming the breach publicly. The relevant authorities, however, were informed of the breach. According to its statement to local media, StarHub said an illegally uploaded file containing the leaked data was found on a third-party data dump website. It added that the information appeared to date back to 2007. The file contained mobile numbers, email addresses, and identity card numbers for 57,191 customers who had subscribed to StarHub’s before 2007, it said. Apart from broadband and mobile, the telco also offers pay TV services in Singapore. All affected customers were from its consumer business, according to its website. When asked, a StarHub spokesperson would not say which customers were impacted or whether they were still customers. She also declined to reveal how often it conducted its online surveillance, citing security considerations, saying only that the telco conducted such activities “regularly”. She would not provide details when asked if the telco had determined the cause of the breach, saying only that there currently were no indications of compromise on its existing systems. According to StarHub, no credit card or bank account details were breached, and there currently was “no indication” the leaked data had been “maliciously misused”. It also noted that none of the company’s “information systems or customer database” were compromised. On its website, it said its investigation into the breach “verified the integrity of our network infrastructure”. The telco said an incident management team was assessing the breach and digital forensic and cybersecurity consultants were investigating the incident. The telco said it had begun “progressively notifying” affected customers via email and was offering six months of complimentary credit monitoring services through Credit Bureau Singapore, to track if any data might be used inappropriately. The service monitors subscribers’ credit report and notifies them of various predetermined activities, including when enquires are made on their credit file and if status on default records is updated. StarHub CEO Nikhil Eapen said in the statement: “Data security and customer privacy are serious matters for StarHub, and I apologize for the concern this incident may be causing our affected customers. We will be transparent and will keep our customers updated.

Analyst Notes

Any person affected by a data breach should monitor their credit accounts and banking institutions for any malicious activity. A credit monitoring service will be able to assist individuals with these searches. Associated passwords should also be changed and individuals should enable multi-factor authentication (MFA) when possible.

Source Article: