WhizComms data breach: About 50% of customers affected, notified on May 10

After WhizComms staff detected the data breach, the service provider blocked any further third party access and filed a police report. PHOTO: WHIZCOMMS

SINGAPORE – About 24,000 customers of broadband service provider WhizComms, or roughly half its customer base, had their personal information stolen by an external party in a data breach incident detected on April 21.

The affected people received an e-mail on May 10 informing them that a third party had accessed the firm’s Web server and downloaded scanned images of customers’ personal information.

The bulk of the information downloaded was scanned images of NRICs, which are needed to register for the broadband service, a spokesman told The Straits Times on Thursday.

Some scanned images of work permits and visa approval documents were also downloaded.

But the spokesman stressed that customers’ contact information and payment details had not been stolen. He said the firm had “investigated completely” and no other information had been compromised apart from what was found on the NRICs or work permits.

While home addresses are among information available from the images of scanned NRICs, he said these could differ from the actual installation addresses for the broadband service, which had not been stolen by the third party.

After WhizComms staff detected the breach while scanning the customer database, the service provider blocked any further third-party access and filed a police report, the spokesman added. He declined to elaborate further, citing ongoing investigations.

Join ST's WhatsApp Channel and get the latest news and must-reads.