According to a report Singtel, the company is investigating the impact that one may have had security breach to one of its suppliers, which may have put in risk records of its customers. THE attack affected a vendor file sharing system Accellion, which the telecommunications company had used both internally and externally.
Singtel revealed on Thursday that Accellion had notified it of a breach in its file-sharing system, called FTA (File Transfer Appliance). The company stated that tool was developed as an autonomous system and used to exchange information within the organization and with external partners.
The system has been withdrawn and the competent authorities, including the Security Service in cyberspace of Singapore and local police, have been informed of the incident. Singtel added that it is currently assessing the nature and impact of the breach, as well as the extent of the data that may have been affected.
"Customer information may have been compromised", Said the company. "Our priority is to work directly with clients and stakeholders whose information may have been compromised to support and assist them in managing any risks. We will contact them as soon as possible once we have identified which files related to them have been compromised. "
Adding that the incident was "individual"As it concerned an autonomous system of third parties, he said that the"its basic functionsAre not affected. At Frequent questions published in Internet, Singtel said it was reviewing file sharing procedures and protocols to “further improve the security of its information".
He noted that due to the complexity of the issue, the assessment of its effects will take some time.
Accellion has announced that its FTA system, which is 20 years old and nearing the end of its life cycle, has been targeted by a "complex cyber attack", Which was first announced on December 23 when the company informed all its customers.
The company said that the first repair was released on December 24, while the second and last update on December 27.
Accellion released a news release on January 23rd vulnerability, for which the patch released on December 27 was not effective, according to Singtel. The company then shut down the FTA system connection.