SINGAPORE: Personal data from potentially 2.8 million eatigo accounts were illegally assessed in a data breach.
In an email to customers on Saturday (Oct 31), the restaurant reservation platform said that along with other e-commerce sites, it was the subject of "a data security incident involving unauthorised access to our customer database".
"Our investigations indicate that the information that was illegally accessed was from more than 18 months ago and included customer names, email addresses and phone numbers," said eatigo.
"Your existing eatigo account password is protected by encryption and hence safe. We do not store credit card information on our system."
READ: Lazada suffers data breach; personal information from 1.1 million RedMart accounts for sale online
According to a post on an online forum purportedly selling personal data from various e-commerce sites around the world, information from 2.8 million eatigo accounts in Singapore, Hong Kong and Thailand are up for sale.
The same post listed for sale personal information from 1.1 million RedMart accounts. The data breach was confirmed on Friday by a Lazada spokesperson.
Eatigo said it was made aware of the incident on Friday, and urged users to reset their passwords as a precautionary measure.
"Your eatigo account password is encrypted and remains safe," it said in an email to customers.
"We recognise that this is unsettling news and we are deeply sorry for any inconvenience this might cause you. We have established a dedicated support team that you can reach out to for support on this matter."
CNA has contacted eatigo for more information.