Singtel hit by third-party vendor’s security breach, customer data may be leaked
Singtel says it is investigating the impact of a cybersecurity breach that may have compromised customer data. The attack had affected a file-sharing system provided by a third-party vendor Accellion, which the Singapore telco had used internally and with external stakeholders.
Singtel revealed in a statement Thursday it was notified by Accellion that the file-sharing system, called FTA (File Transfer Appliance), had been breached by unidentified hackers. The telco said the tool was deployed as a standalone system and used to share information within the organisation and with external stakeholders.
All use of the system had been pulled back and relevant authorities, including Singapore’s Cyber Security Agency, were notified. Singtel added that it currently was assessing the nature and impact of the breach, and the extent of data that might have been illegally accessed.
“Customer information may have been compromised,” the telco said. “Our priority is to work directly with customers and stakeholders whose information may have been compromised to keep them supported and help them manage any risks. We will reach out to them at the earliest opportunity once we identify which files relevant to them were illegally accessed.”
Adding that the incident was “isolated” since it involved a standalone third-party system, it said its “core operations” was not unaffected.
Accellion on February 1 said its FTA system was a 20-year large-file transfer software nearing the end of its lifecycle. It had been the target of a “sophisticated cyberattack”, which was first made known on December 23 when Accellion informed all its customers of an attack involving the file-sharing system.
The vendor said it was “made aware of a zero-day vulnerability” in mid-December, which then was the “beginning of a concerted cyberattack” that continued into January 2021, with further exploits identified. It said it had released a fix for the initial exploit within 72 hours and continued to release patches to close each vulnerability discovered in the following weeks.
Fewer than 50 customers were affected by the incident, Accellion said, noting that it had added monitoring and alerting tools to identify anomalies associated with these attack vectors.
It said the vulnerabilities were limited to the FTA software and did not impact its enterprise content firewall product, Kiteworks, on which most of Accellion’s customers operated. Kiteworks was developed on a different code base and security architecture, the vendor said.
ZDNet sent several questions to Singtel including when it was first notified of the breach and why it still was using a 20-year file-sharing product that was nearing the end of its lifecycle. This article will be updated when the telco responds.