Personal data of over 57,100 StarHub customers found on third-party website

STARHUB'S cybersecurity team has discovered a file with the personal data of 57,191 customers illegally uploaded on a third-party data dump website, the telco disclosed on Friday evening.

The data, which appears to be around 14 years old, comprises the identity card numbers, mobile numbers and e-mail addresses of customers who had subscribed to StarHub services before 2007. There is no indication that any data in this document has been maliciously used, StarHub said.

No credit card or bank account information is at risk and no StarHub information systems or customer database are compromised, the company added.

StarHub has since attempted to have the document removed from the data dump site. It has activated an incident management team to assess and contain the situation, engaged digital forensic and cybersecurity experts and taken steps to review security measures.

"Data security and customer privacy are serious matters for StarHub, and I apologise for the concern this incident may be causing our affected customers. We will be transparent and will keep our customers updated. We will provide support to those affected," said Nikhil Eapen, chief executive of StarHub.

The company is progressively notifying affected customers via e-mail and offering six months of complimentary credit monitoring service through Credit Bureau Singapore. This is expected to be completed within the next two weeks.

Shares of StarHub closed at S$1.25 on Friday, up 0.81 per cent.