Obsessed with technology?
Subscribe to the latest tech news as well as exciting promotions from us and our partners!
By subscribing, you indicate that you have read & understood the SPH's Privacy Policy and PDPA Statement.
News Categories

30,000 users of NTUC’s e21 services facing the loss of personal data

By Ken Wong - on 6 Apr 2021, 1:15pm

30,000 users of NTUC’s e21 services facing the loss of personal data

Some 30,000 Singaporeans could be affected. Image courtesy of Google Earth.

The personal data of 30,000 users who utilised NTUC’s e2i services from November 2018 till 12 March 2021 has been lost to a malware attack.

e2i provides skills training and job matching services for workers.

According to their e2i website, anyone who participated in certain e2i’s events or utilised their services such as having attended a job fair, employability workshop, or career coaching could have been affected.

Alerted to a data incident where the mailbox of an employee of a third-party vendor, contact centre services firm i-vic International, had been infected by malware, e2i launched an investigation and reported this data breach to the Personal Data Protection Commission (PDPC) and the Singapore Computer Emergency Response Team (SingCERT).

But we have little control as to how our data is dealt with by third party vendors.

According to Evan Dumas, Regional Director, Southeast Asia, at Check Point Software Technologies:

As consumers, we provided the information in trust that the entity will adhere to best practices of personal identifiable information (PIA) data management. There is no reasonably effective way individuals can protect themselves if the authorities do not take precedence in protecting the citizens' privacy rights. Third-party vendors are a fact of life in current business practices and cannot be avoided. Perhaps it should be mandated (like that of GDPA) that any PII moving out of the entrusted entity must seek explicit approval from the user.

e2i has reached out to the affected individuals so that they can take note and exercise extra caution if they receive any suspicious email or call. Potentially affected Singaporeans will know that their data has been lost if they received notification via an email, SMS, or phone call from e2i. If you did not receive any notification from e2i, then the company says that their personal data wasn’t affected.

They caution affected Singaporeans to stay vigilant against phishing attempts and to keep an eye out for any suspicious activities or requests. They say that any suspicious emails or requests should be deleted immediately without clicking on any of the links in the email. They can also report the email to the Singapore Computer Emergency Response Team (SingCERT).

Join HWZ's Telegram channel here and catch all the latest tech news!
Our articles may contain affiliate links. If you buy through these links, we may earn a small commission.