It has been reported that Singtel, the Singapore-based telco had recently fallen victim to a severe cyber hack.
Perpetuated by threat actors, the cyber hack employed the exploitation of vulnerabilities in file-sharing system software that was being utilized by the company, including a zero-day vulnerability.
Accellion Inc was the cloud-solutions company that provided the share data and sensitive files internally as well as with external parties to Singtel called FTA. Accellion had reportedly notified them of the cyber hack back in December 2020 along with several other affected customers.
Investigations by authorities and Cybersecurity experts:
Singtel is working in close cooperation with law authorities as well as cybersecurity experts that also involves additional supervision from the Cyber Security Agency of Singapore to investigate the cyber hack. They are currently suspecting the mal-utilization of FTA.
As to detail the cyber hacking, the telco surmises that sensitive customer data may have been compromised. Hence to determine the substantial nature and extent of the data that may have been potentially hacked, Singtel is carrying out an “impact assessment”
In a statement issued by the company, Singtel stated that they prioritize working with customers and stakeholders whose sensitive data may be jeopardized to assist them in managing any data breach risks.
“We will reach out to them at the earliest opportunity once we identify which files relevant to them were illegally accessed,” ascertains Singtel.
Impact of the cyber hack:
Singtel states that this is a very peculiar event that is involving an independent third-party software system i.e FTA vulnerabilities of Accellion and that the fundamental operations of the company remain unaffected.
Cybersecurity experts say that if any data may have been accessed illegally, it was most like that the pieces of information included customer usage plans, data balances, and average spending.
Even though it may not look like much, such type of data could still be exploited by not only scammers but also Singtel’s opponents.
It is reportedly noticed that supply chain cyber vulnerabilities have become major targets for cyber hacks as an aftermath of the multiple controversial SolarWinds’ cyberattacks.
As cybersecurity experts say, targeting suppliers results in a larger number of impacted victims and means little effort for threat actors and cybercriminals.