A MyRepublic data breach has raised controversy over security for critical data being housed in third-party infrastructure, according to researchers. Almost 79,000 MyRepublic mobile subscribers have been exposed in a data breach that affected personal information such as scanned copies of Singapore’s National Registration Identity cards, names, pictures, dates of birth, addresses, countries of origin, race, and gender. In some instances, foreign residents’ proof of residential address documents, names, and mobile numbers were affected as well.
MyRepublic reported that account numbers and payment information were not accessed in the breach. The company also stated that its internal infrastructure was not compromised. However, the security incident has left cybersecurity professionals wondering whether companies need to allocate greater consideration when securing data housed in third-party infrastructure. Some researchers state that companies must be held accountable for breaches as they are tasked with storing and protecting sensitive data.
Read More: MyRepublic Data Breach Raises Data-Protection Questions