Esso discount programme customers’ credit card details possibly exposed after ransomware attack
Sign up now: Get ST's newsletters delivered to your inbox
The Esso Corporate Fleet Discount Program, a tie-up with ExxonMobil, has had more than 18,000 customers since it was launched in 2003.
PHOTO: ST FILE
SINGAPORE – The credit card details of motorists on the Esso Corporate Fleet Discount Programme could potentially have been exposed, after a ransomware attack on Singapore firm Abecha, which runs the programme.
In an e-mail to affected customers on Aug 28, Abecha said it discovered the attack on its servers and customer database on Aug 13. Customers’ credit card numbers and expiry dates could not be accessed as a result.
“As far as we are aware, none of your other personal data (such as names, addresses or any other contact details) was affected,” the e-mail stated.
Customers were advised to monitor their credit card statements for any unauthorised transactions, and report any suspicious transactions or unusual activity.
When contacted, an Abecha spokesman said: “There is no evidence that any data has been exfiltrated or extracted by the unauthorised party resulting from the incident. We will also like to assure our customers that there is no impact on any transactions, and it is very much business as usual for them.”
The Esso Corporate Fleet Discount Programme, a tie-up with ExxonMobil, has had more than 18,000 customers since it was launched in 2003.
The card is offered to corporate employees. Abecha also has similar programmes for corporate customers with Citibank and DBS Bank cards.
The firm declined to disclose the number of customers affected. It said it acted swiftly to shut down the affected servers. It also engaged professional data protection and cyber-security experts to investigate the incident and advise on the security measures to undertake.
Abecha has made a police report and notified the Personal Data Protection Commission Singapore, which said it is investigating the incident.
Public relations professional Alson Tang, 39, said he is worried as he had provided his bank account number when he registered for the Esso Corporate Fleet Discount Programme. “Fuel prices are very high and the discount is attractive, but my trust in the organisation has been shaken somewhat.”
Mr Davidson Chua, 25, co-founder of car selling aggregator platform Telequotes, said the news was “definitely shocking”.
He has not observed any suspicious transactions on the credit card that he used to sign up for the bulk fuel discount programme in April. “Without knowing about this news, I wouldn’t have checked my credit card transactions, and anything could have happened since I do not use the Abecha Esso fleet card on a regular basis,” he said, adding that he plans to cancel his card.
