The Knowns, who made headlines yesterday for stealing the personal data of more than 300,000 customers of a popular karaoke chain, said in a Twitter post that they claimed another victim, Bakerzin, in another security breach in June.
The group said it did so because it felt the local dessert chain had unfair employment practices.
But a check showed that the link, which supposedly leads to Bakerzin's customer database, did not work.
Bakerzin, which has about 15 outlets in Singapore and Indonesia, declined to comment.
The K Box breach was revealed through an e-mail, purportedly sent by the group to media outlets on Tuesday, which said it was releasing the data to show its displeasure over recent increases in toll charges at the Woodlands Checkpoint.
Little is known about this group, said security experts. "They might be newly formed," said Mr Alvin Tan, regional director at IT security firm McAfee.
It is also difficult to ascertain the group's identity since it has gone to great lengths to keep itself, well, unknown. For example, the e-mail blast to media outlets was through Tor, a service client that protects its users' privacy by transmitting information through random and multiple pathways. This prevents easy tracking.
"The intention of using Tor is to remain anonymous," said Mr Jimmy Sng, technology partner at PwC South East Asia Consulting. He added that with more online presence by companies, they have more responsibility to keep data secure.