Home GDPR #Privacy: Personal data of over 6,541 Singapore accounts exposed in a security lapse
GDPR - November 22, 2019

#Privacy: Personal data of over 6,541 Singapore accounts exposed in a security lapse

Uncovered months later, a folder containing the personal data of 6,541 accountants was “inadvertently” sent to multiple parties.

The Singapore Accountancy Commission (SAC) announced in a statement released today, that it had accidentally disclosed the chartered accountant (CA) qualification exam results and the personal information of 6,541 people.

The exposed personal information included names, NRIC numbers, contact details, dates of birth, and education and employment information.

The SAC, a statutory body under the Ministry of Finance, stated that it sent the folder containing the data in an email to 41 individuals at 21 accredited training organisations and one vendor, between June 12 and October 22 this year.

The data leak had been uncovered on november 7, after the SAC had implemented a “new data protection filter” as part of the recommendations by the Public Sector Data Security Review Committee.

Following the discovery, the 22 organisations were contacted by the commission, requesting them to delete the data folder, as well as any forwarded data.

All 22 organisations have confirmed that the folder has been deleted. However, the SAC has not confirmed how many other parties accessed the data.

On November 22, all impacted individuals were informed, and the Personal Data Protection Commission was also alerted about the security lapse.

“The SAC takes a serious view of this Incident and deeply regrets this mistake. The SAC will set up a panel to review the incident and make any necessary recommendations,” said the SAC.

The post #Privacy: Personal data of over 6,541 Singapore accounts exposed in a security lapse appeared first on PrivSec Report.


Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also

CISA believes SolarWinds attack could have been prevented with simple countermeasures

The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency…