Singtel third-party vendor hacked, customer information 'may have been compromised'
The vendor, Accellion, says this incident is part of a "wider concerted attack" against users of their file-sharing system.
SINGAPORE: Singtel is assessing the nature and extent of a potential data breach on a third-party file system used to share information after it was attacked by hackers.
In a media statement on Thursday (Feb 11), Singtel said it was informed by third-party vendor Accellion that its file-sharing system FTA was “illegally attacked by unidentified hackers”.
FTA is a standalone system used to share information internally and with external stakeholders, said Singtel.
“Accellion has informed that this incident is part of a wider concerted attack against users of their file-sharing system,” it added.
“Customer information may have been compromised. Our priority is to work directly with customers and stakeholders whose information may have been compromised to keep them supported and help them manage any risks.
“We will reach out to them at the earliest opportunity once we identify which files relevant to them were illegally accessed.”
The company has since suspended the use of the system, it added. It has also started investigations, and is working closely with cyber security experts and relevant authorities, including the Cyber Security Agency of Singapore.
In a press release, Accellion said it has patched all known vulnerabilities exploited by the hackers and added new monitoring and alerting capabilities to flag anomalies associated with the attack vectors.
It said it informed all FTA customers of the attack on Dec 23 last year.
“Accellion continues to work closely with FTA customers to mitigate the impact of the attack and monitor for anomalies,” it added.
Singtel said the incident was isolated and that its “core operations remain unaffected and sound”.