Details of 146 Income Insurance policyholders compromised after cyber attack of external vendor | The Straits Times

https://www.straitstimes.com/singapore/consumer/details-of-146-income-insurance-policyholders-compromised-after-cyberattack-on-external-vendor

The compromised statements include information such as names, postal address, policy number and plan, and annual bonus for the year 2024.PHOTO: ST FILE

SINGAPORE – The personal and policy information of at least 146 Income Insurance policyholders have been compromised after a ransomware attack on an external vendor engaged by the insurer.

A statement on Income’s website on May 29 said it was alerted on May 25 to a ransomware attack involving DataPost, a company responsible for printing and mailing documents to Income’s policyholders.

Ransomware is a malicious software designed to block access to a computer system, often until a sum of money is paid.

Preliminary investigations by DataPost show that the bonus statements of at least 146 policyholders have been compromised, said Income, adding that investigations are still ongoing and more customers could be affected.

These statements include information such as names, postal address, policy number and plan, and annual bonus for the year 2024.

“Income Insurance’s systems remain secure and are not compromised or affected by this incident. There is currently no evidence of unauthorised access to any of its digital platforms or systems,” the insurer said.

Income added that it immediately suspended all printing jobs with DataPost after the insurer was informed of the cyber attack.

Get a round-up of the top stories to start your day

[Sign up](javascript:;)

By signing up, I accept SPH Media's Terms & Conditions and Privacy Policy as amended from time to time.

Yes, I would also like to receive SPH Media Group's marketing and promotions.

“As an additional safeguard, Income Insurance also blocked connections to DataPost and reinforced firewall restrictions.”

It added that Income is on “heightened alert” to monitor suspicious or unusual account activity, and is contacting customers who are or may be affected by the incident.

An e-mail from Income to a policyholder on May 29 seen by The Straits Times states that the customer’s policies are safe and no log-in information has been compromised.

The e-mail also included advice for customers on how to protect themselves against phishing attempts, such as not giving away login credentials and one-time passwords to others.

In a media reply, DataPost said its investigation into the attack is in the “early stages” and it “will continue to comply with all regulatory obligations throughout the course of the investigation”.