OG department store customers' personal details leaked in data breach, Singapore News - AsiaOne
OG department store customers' personal details leaked in data breach
JANUARY 07, 2022
PUBLISHED AT 2:57 AM
ByROSALIND ANGTHE STRAITS TIMES
OG said that no financial information, such as credit card numbers, had been leaked.
The Straits Times file
SINGAPORE - There has been a leak of OG department store customers' personal data such as names, mobile numbers and dates of birth, said the retailer on Thursday (Jan 6).
In a statement to OG members, the department store said it was notified on Tuesday about the data breach, which affected members who are in either the basic or gold tiers.
More from AsiaOne
Read the condensed version of this story, and other top stories with NewsLite.
In response to queries from The Straits Times, OG said it has asked its service provider to take immediate action to manage and remediate the breach and ensure that the database is secure.
A spokesman for OG said: “The management of OG is working closely with cyber security consultants and the authorities to strengthen our safeguards, systems and process. Our priority is to make sure customer data is safe.”
In the statement to its members, OG said its preliminary investigations indicated that the database, which had been stored and managed by an external third-party membership portal service provider, had been compromised.
“We are informing you (OG members) now so that you can take appropriate steps expeditiously to protect your online credentials,” the department store said.
The spokesman and the statement did not say how many members were affected.
Read Also
Man warns of mobile phone shops stealing customer NRIC numbers, selling data to third parties
Man warns of mobile phone shops stealing customer NRIC numbers, selling data to third parties
Data that may have potentially been compromised includes the names of OG members, their mailing addresses, e-mail addresses, mobile numbers, genders, dates of birth, as well as encrypted NRIC data and passwords.
It added that no financial information, such as credit card numbers, had been leaked.
In its statement, OG said it has reported the matter to the police and other relevant authorities, including the Personal Data Protection Commission (PDPC) and the Cyber Security Agency of Singapore (CSA).
The retailer said that affected people should be wary of phishing or impersonation attempts. It urged members who have reused their OG membership password across different websites or platforms to change their passwords immediately to avoid any possible compromise of their other accounts.
Those affected by the incident can also enable additional security measures, such as multi-factor authentication if supported, said the retailer.
JANUARY 07, 2022
PUBLISHED AT 2:57 AM
ByROSALIND ANGTHE STRAITS TIMES
OG said that no financial information, such as credit card numbers, had been leaked.
The Straits Times file
SINGAPORE - There has been a leak of OG department store customers' personal data such as names, mobile numbers and dates of birth, said the retailer on Thursday (Jan 6).
In a statement to OG members, the department store said it was notified on Tuesday about the data breach, which affected members who are in either the basic or gold tiers.
More from AsiaOne
Read the condensed version of this story, and other top stories with NewsLite.
In response to queries from The Straits Times, OG said it has asked its service provider to take immediate action to manage and remediate the breach and ensure that the database is secure.
A spokesman for OG said: “The management of OG is working closely with cyber security consultants and the authorities to strengthen our safeguards, systems and process. Our priority is to make sure customer data is safe.”
In the statement to its members, OG said its preliminary investigations indicated that the database, which had been stored and managed by an external third-party membership portal service provider, had been compromised.
“We are informing you (OG members) now so that you can take appropriate steps expeditiously to protect your online credentials,” the department store said.
The spokesman and the statement did not say how many members were affected.
Read Also
Man warns of mobile phone shops stealing customer NRIC numbers, selling data to third parties
Man warns of mobile phone shops stealing customer NRIC numbers, selling data to third parties
Data that may have potentially been compromised includes the names of OG members, their mailing addresses, e-mail addresses, mobile numbers, genders, dates of birth, as well as encrypted NRIC data and passwords.
It added that no financial information, such as credit card numbers, had been leaked.
In its statement, OG said it has reported the matter to the police and other relevant authorities, including the Personal Data Protection Commission (PDPC) and the Cyber Security Agency of Singapore (CSA).
The retailer said that affected people should be wary of phishing or impersonation attempts. It urged members who have reused their OG membership password across different websites or platforms to change their passwords immediately to avoid any possible compromise of their other accounts.
Those affected by the incident can also enable additional security measures, such as multi-factor authentication if supported, said the retailer.
