In a media statement, Singtel said it was informed by third-party vendor Accellion that its file sharing system called FTA has been illegally attacked by unidentified hackers.
Singtel is in the midst of evaluating the nature and extent of the data that has been potentially accessed due to the data breach of their file sharing system.
FTA is the standalone system used by Singtel to share information internally and to their external stakeholders.
On its end, third party vendor Accellion also issued a statement, saying the incident is part of a wider concerted attack against users of their file sharing systems.
“Customer information may have been compromised. Our priority is to work directly with customers and stakeholders whose information may have been compromised to keep them supported and help them manage any risks,” Accellion added.
“We will reach out to them at the earliest opportunity once we identify which files relevant to them were illegally accessed.”
Singtel has since suspended all use of the system and has initiated investigations, working together with cyber security experts and the relevant authorities – including the Cyber Security Agency of Singapore – who are providing additional guidance.
Accellion in a press release revealed that they have patched all known FTA vulnerabilities exploited by the attackers and that new monitoring and alerting capabilities to flag anomalies associated with these attack vectors have been added.
" All FTA customers were promptly notified of the attack on December 23, 2020,” it added.
Accellion revealed that they will continue working closely with their FTA customers to mitigate the impact of this attack, and to monitor for anomalies.
Singtel shared that the breach is a separate incident, and that the company’s “core operations remain unaffected and sound”.