Jumbo Group, Mustafa hit by cyber attacks, Latest Singapore News - The New Paper
Singapore

Jumbo Group, Mustafa hit by cyber attacks

Well-known Singapore companies Jumbo Group and Mustafa have been hit by cyber attacks.

Jumbo Group said in a bourse filing on May 23 that the seafood restaurant chain was subjected to a “ransomware incident” recently.

The statement, signed off by group chief executive and executive director Ang Kiam Meng, did not mention the date, duration or extent of the attack, as well as whether a ransom was paid.

The group said neither it nor external experts have noticed any evidence of data being removed unlawfully, based on preliminary investigations.

It said: “The group had activated its business continuity plan immediately.

“As at the date of this announcement, there has been no significant impact to the group’s business operations arising from the incident.”

It added that the incident has been reported to the authorities, including the police, the Personal Data Protection Commission (PDPC) and the Cyber Security Agency of Singapore.

ST has contacted Jumbo Group for more information.

Separately, the Mustafa group of companies – which runs a shopping mall in Little India, among other businesses – has been hit by a data leak.

On April 25, a cyber attacker on popular hacker forum BreachForums claimed to have stolen the personal information of Mustafa customers and employees. The forum has been shut down in recent weeks.

The hacker, who previously claimed to have stolen data from a global database that companies use to identify potential criminals, alleged that he had obtained 180GB of data belonging to Mustafa.

Files uploaded onto the forum, seen by The Straits Times, contained data including full names, NRIC numbers and home addresses. The files have since been removed.

In response to ST’s media queries, the PDPC said it is aware of and investigating the incident involving Mustafa, and has contacted the group for more information.

Meanwhile, a Mustafa spokeswoman said it has engaged external cyber-security professionals and an auditor, and started a “thorough review” of its IT systems.

She added: “We have also reported the matter to the relevant authorities in Singapore.

“As investigations are still ongoing, we are not able to provide any other details at this stage.”

The group did not respond to queries on the timeline of its response to the attack and whether a ransom was paid.

CYBER SECURITYData protectioncrime