SINGAPORE: The private information of around 128,000 buyers of lenders has been stolen after a third-party IT merchant was hacked.
The Ministry of Law ( MinLaw ) confirmed on Thursday ( Jul 25 ) that the data breach involved the borrower data of 12 authorised moneylenders who are using Ezynetic, a third-party IT vendor, as their contractor.
Ezynetic’s program is not hosted on or linked to the president’s system, said MinLaw, which is the controller of qualified moneylenders.
The government added that Ezynetic’s method was “accessed by a malicious artist” and files containing “personal distinguishable information” was leaked.
In response to CNA’s comment, MinLaw said the compromised information included the titles and NRIC figures of borrowers, as well as payment info.
The information has been published on various websites. According to the government, affected borrowers have been warned to watch out for phishing and other scams that use the jeopardized data.
The 12 usurers are Ban King Credit, Credit 21, Lending Bee, Katong Credit, Credit Thirty3, GS Credit, 1AP Capital, Creditmaster, BST Credit, U Credit, Horison Credit and Credit Matters.
The Personal Data Protection Commission ( PDPC ), the CSA, the CSA, and the CSA have received reports from the moneylenders and Ezynetic.
According to MinLaw, they have started reminding their customers to stay alert for potential hacking scams and have started notifying them of the violation.
CNA has asked the government for more information
Eight different licensed lenders that use Ezynetic’s services were no affected.
Credit Bureau Singapore ( CBS ) has restricted access to the platform for all 20 licensed moneylenders Ezynetic serves as a containment measure.
The Moneylenders Credit Bureau ( MLCB) platform, a central repository of information on borrowers ‘ loans and repayment records with all licensed moneylenders in Singapore, is operated by Credit Bureau Singapore, the designated credit bureau.
The other 133 licensed money lenders in Singapore are still able to access MLC B’s online services at all times. For more information, customers with queries may contact the particular qualified moneylenders.
The government stated that it is concerned about the information violation.
” The licensed moneylenders have a duty to safeguard any data in its hands or command. This includes data that is stored on the methods of their third-party vendors.
” MinLaw is working with CSA and PDPC to investigate the situation. MinLaw is also in close contact with the Credit Bureau of Singapore to help with the work of the damaged registered lenders to recover their businesses. “