Posted on April 6, 2021 at 8:15 AM
E2i Affected By Third-Party Attack With More Than 30,000 Clients Exposed
The personal data of about 30,000 clients of the National Trades Union Congress’ Employment and Employability Institute (e2i) have been compromised, according to a recent report.
The cybercriminals responsible for the hacking incident had unauthorized access to the names, employment details, contact information, and educational qualifications of the e2i clients.E21 offers job matching service and skills training for workers.
The hacking incident took place at a third-party vendor
The institute stated that it was made aware of the incident on March 12 after malware infected the mailbox of an employee i-vc International, one of its third-party vendors
The malware is usually delivered via spam email and is capable of evading detection and hindering analysis.
According to the report, the infected mailbox contained the personal data of those who had either used the institute’s services or participated in e2i events from 2018 to March this year.
However, it’s not clear whether the e2i IT system has been compromised or whether there has been a misuse of the data.
The institute has contacted respected authorities and launched an investigation into the hacking incident.
The incident was not disclosed by e2i immediately it occurred, and the institute has given a reason for that. According to e2i, it took some time to assess the situation due to the complexity of the investigations.
Increase in the level of third-party attacks
The company added that it is working with security experts and the third-party vendor to determine the extent of data affected in the breach.
The hacking incident is coming at a time when cybersecurity attacks on third-party vendors are on the increase.
Cyber attackers have now devised means of attacking institutions by seeking to compromise third parties who they feel are easy targets.
In December last year, SolarWinds was the victim of an attack that affected several top companies. About 18,000 customers of the company were affected by the hacking incident, including U.S. tech giants FireEye and Microsoft.
Shortly after the SolarWinds attack, a file-sharing platform provided by Accellion, a U.S. cloud-sharing company, was attacked.
It affected multiple customers all over the world, including Singtel, Singapore’s largest telco. About 129,000 Singlet users’ data was affected by the attack.
Another third-party data breach incident occurred last month when Microsoft Exchange e-mail server software was compromised. The attack exposed over 380 computer servers run by organizations in Singapore.
Last month, Singapore’s government announced that organizations operating the country’s infrastructure will be required to do more to ensure the security loopholes from their vendors are properly covered.
The government stated that infrastructure like public transport systems and telecommunications networks are critical. As a result, organizations need to assist third-party firms when it comes to cybersecurity.
Regarding the latest hacking incident, i-vic and e2i said they have taken serious measures to beef up their security infrastructure, especially the network and e-mail systems. They are also monitoring the systems to find whether there are potential vulnerabilities.
They have started contacting those who may be affected by the breach through phone calls, SMS, and e-mail. The clients are made aware of the breach to help them manage the potential risks involved in the incident.
Users have been advised to be cautious
During a breach of this nature, the users may suffer future fishing attacks from the details stolen by the attackers. The hackers can use the available data to launch future attacks, and both organizations are advising the users to remain vigilant regarding any suspicious message.
They should also be wary of any suspicious request or activities and should reply to emails not coming from a known contact.
The institution also warned the users that the scammers could try to contact them and pretend to be from r2i. But the users should watch carefully because any email from the scammers will be fake since they will not end with @e2i.com.sg, the genuine email id from the company.
E2i has also advised users to avoid filling their personal information in their passport. They should also change their passwords regularly to make it very difficult for threat actors to compromise their systems. The advice is specifically directed to users who are already exposed to the hacking incident.