Security lapse exposes personal data of 6,500 Singapore accountants
The Singapore Accountancy Commission (SAC) sent email messages to parties with an attached folder containing the personal data of over 6,000 accountants. The security lapse was uncovered months later when the Accountancy Commission conducted a review. Information exposed included names, national identification number, date of birth, and employment information. The Ministry of Finance stated on Friday that 41 individuals in 22 organizations had received the files. The data breach occurred between June 12 and October 22 of this year and the organizations that received the files comprised of 21 Accredited Training Organizations (ATO) and one vendor. The purpose of the email was to inform them of administrative matters such as what logos to use.
SAC uncovered the lapse on November 7 and requested that the organizations delete the folder as well as determine that it had not been forwarded to other parties. The Singapore government said earlier this summer that they would roll out several new technical measures for stems, including stronger encryption for files. After a series of data breaches involving government entities, Singapore decided that several actions must be taken. A review of the public sector’s cybersecurity infrastructure and policies lead to the creation of a committee that evaluates the security of data.