Singapore

62,000 emails to Certis customer service account may have been accessed after phishing incident

A man types into a keyboard during the Def Con hacker convention in Las Vegas
File photo of a man typing into a keyboard. (Photo: REUTERS/Steve Marcus)
By Lakeisha Leo
(Updated: )

Bookmark

SINGAPORE: About 62,000 emails sent to a customer service account of Certis may have been accessed in a cybersecurity breach following a phishing incident, the security firm said on Friday (Apr 9).

Certis said about 1.2 per cent of the emails currently being examined contain personal information such as NRIC and credit card numbers.

“The extensive process of examining all the emails for personal data is still ongoing,” said Certis, adding that its customer databases were not compromised.

It added: "We are examining every email correspondence in the affected mailbox to sift out only affected individuals, corporate organisations and customers who may have sent emails containing personal data."

The company said it was alerting all affected individuals who may potentially be at risk. 

READ: Singapore's crime rate up in 2020 amid rise in scam cases

In a media release, Certis said it was alerted to an incident on Mar 17 where several individuals received emails from a single email account, which appeared to be from Certis and were sent between Mar 16 and Mar 17. 

"Our IT team immediately conducted an investigation, and we were able to conclude that this is an isolated incident," said Certis. 

"The phishing emails did not originate from Certis's customer service email account on Microsoft Office365 cloud and no customer database had been compromised."

Certis added that such incidents are taken seriously and it has "intensified" its investigations, which revealed the emails were potentially a part of a wide phishing attack targeting Microsoft Office365 cloud email accounts. 

"During the same period of time when the phishing emails were sent, there was unauthorised access into the same customer service email account.

"Our IT team took urgent steps to strengthen our authentication processes and scanned (the) affected computers. No further unauthorised access has been detected," said Certis. 

READ: More than a quarter of Singapore residents suffered at least 1 cybersecurity lapse in past year: CSA survey

Chief executive for Singapore, Certis, Ronald Poon apologised to all individuals who may have been affected by the incident.

Mr Poon added that Certis's email system will undergo further reviews to mitigate vulnerabilities and enhance its data and the data of its customers. 

"I would like to assure all our customers that this is an isolated phishing incident linked to a single email account. We can affirm that none of our customer databases were compromised. Our operations remain secure and unaffected," he said. 

Certis also engaged the services of a "reputable" identity theft provider, which is offered to affected individuals at no cost for 12 months. This would help alert them upon detection any potential misuse of their personal data, it said. 

In an FAQ on its website, Certis said it will also reinforce cybersecurity training efforts for all its employees. They will be required to complete mandatory cybersecurity training annually, including a module on how to identify phishing emails. 

Source: CNA/lk(rw)