Employment Network ‘e2i’ Leaked Personal Data of 30,000 People

  • Thirty thousand Singaporean job hunters have had their personal data leaked from ‘e2i’.
  • The platform suffered a security breach three weeks ago but was still investigating to determine the impact.
  • The organization stated that the malware wasn’t targeting them directly, which could mean they had a worm infection.

NTUC’s e2i (Employment and Employability Institute) has had a data breach incident that has resulted in the exposure of the personal details of about 30,000, according to a media statement shared with Channel News Asia. Reportedly, the incident took place on March 12, 2021, so it’s been three weeks already. The breached entity states that someone managed to gain unauthorized access to a mailbox that contained the personal data of approximately 30,000 individuals, users of the e2i services.

e2i is a platform that connects workers and employers in Singapore, offering technical solutions relevant to job-matching, career guidance, skills upgrading, continuous professional development, manpower need changes, auto-recruitment, training, job redesign solutions, and more. Being on the top-3000 most visited sites in Singapore, the platform is bound to have many more members than the 30,000 that were exposed by this incident, so we would suppose that the attack must have been mitigated.

The details stored by e2i and subsequently accessed by the infiltrators include full names, NRIC, contact details, education qualifications, previous employment details, and everything else that one needs when going job hunting. The official excuse for delaying the public notice even though the compromised data was very sensitive is that the organization needed time to fully evaluate the breach’s impact and worked with a third-party expert to help them speed up the investigations.

Those affected by this incident should receive an email and SMS directly from e2i, as this is what the organization promised in the media statement. Thus, if you are a member of the platform and you haven’t received direct communication from them, it means your details aren’t included in the breach.

As for the technical and practical details of the attack itself, e2i chose not to share much on that part besides that there’s some kind of malware involved which allegedly did not target them directly. Could this mean that they’ve had a worm-style ransomware or botnet reaching farther than it was supposed to? We know that Ryuk has added this capability on its latest variants, but for now, we are limited to pure speculation.

REVIEW OVERVIEW

Latest

How to Watch Floyd Mayweather Vs. Logan Paul: Live Stream, Fight Date

Boxing legend Floyd Mayweather makes his return to the ring on June 06 to take on famous YouTuber Logan Paul in a...

Google Finds a Way Out of the Deadlock for YouTube TV on Roku

Google is offering a workaround for Roku users who suddenly got locked out of the YouTube TV app.The tech giant is incorporating...

Cryptocurrency Scammers Have Hijacked Twitter Account of Argentinian Politician

Bitcoin scammers have taken over the Twitter account of a prominent political person in Argentina.The actors are leading their prospective victims to...