Server containing Keppel Telecommunications and Transportation employees’ personal data hacked

SINGAPORE: A server previously owned and used by Keppel Telecommunications and Transportation (KTT) that contained the personal data of employees and former workers has been hacked, the company said on Tuesday (Dec 20) night.

KTT recently discovered that an unidentified hacker or hacker group had accessed the server on which some old files were stored.

“The incident did not involve nor affect any existing IT systems or infrastructure of KTT,” it said in a media statement.

The files on the server contained the personal data of KTT’s and some of its affiliates' employees and former workers, as well as former company shareholders prior to its delisting from the Singapore Exchange. It also contained "other information", but the firm did not elaborate.

“The data involved is historical data, some of which may no longer be current (or) applicable,” said the firm.

“KTT is contacting the relevant parties whose data may have been compromised and affected by this incident. It has notified the relevant authorities and is working closely with them on this matter.”

The company has started an investigation, with a team of “leading international cybersecurity and digital forensics experts”.

It said the incident was limited to the server and there has been no compromise of any of the IT systems of KTT, adding that the data on its IT systems remain secure.

“Immediate steps were taken to contain the incident and stop any further intrusions,” said the company.

“KTT regrets the inconvenience this cyber-attack has caused its stakeholders and would like to thank them for their patience and understanding as it continues its investigation into the breach,” it added.

A dedicated channel has been set up to provide support and assistance to those affected.