SG employment agency that suffered data breach says most stolen data is from fake profiles

Protemps’ entire server had its data stolen and deleted on Oct 4, and the stolen data was uploaded online three days later. — Background photo created by jcomp -

SINGAPORE: An employment agency that suffered a data breach earlier this month has issued a statement acknowledging the incident, but said it never received any ransom demand to recover the data.

In its first comments on the attack, Protemps Employment Services said on Oct 27 that most of the stolen data was from fake profiles.

Protemps’ entire server had its data stolen and deleted on Oct 4, and the stolen data was uploaded online three days later.

The hackers claiming the attack called themselves Desorden Group.

The data purportedly contained the personal details of about 40,000 people who had submitted job applications to the company.

However, Dorothy Neo, the managing director of Protemps, told The Straits Times on Wednesday that the actual number of people affected was less than that claimed by the hackers.

She said most of the purported details were from fake resumes sent to the company through spam accounts, and that only 2,500 real applicants were affected.

Of these, she said only 300 profiles contained “full details”, including education background, salaries, contact numbers and addresses.

Desorden Group had made a video showing the stolen files and databases and which carried a warning to Protemps to “think carefully”.

However, Neo said Protemps neither received nor paid any ransom demand, which is usually the reason for such data theft.

“There was no ransom note sent to our vendor or Protemps to pay any amount to secure the release of data on our website,” she said.

“Protemps is committed to support our customers as we resolve this incident.”

She added that Protemps, which has an office at Paya Lebar Square, has contacted those affected to notify them of the breach.

The Personal Data Protection Commission was alerted to the incident, which was reported by The Straits Times on Oct 21, and investigations are ongoing.

Neo had initially declined to comment, but said she was choosing to do so now as the company’s working relationship with clients had been affected.

Desorden Group is known to target organisations related to supply chains.

Its name is Spanish and translates into “disorder and chaos”.

The data stolen from Protemps had been accessed by more than 60 entities when the breach was reported last week.

It has since been accessed by about 120 entities. – The Straits Times (Singapore)/Asia News Network

Article type: free
User access status:
Join our Telegram channel to get our Evening Alerts and breaking news highlights

Next In Tech News

Crypto catfishing: When online dating turns into Bitcoin scam
Bitcoin tumbles 5.5% to $53,436
Google real estate executive says 5% more workers coming in to office each week
Facebook whistleblower says transparency needed to fix social media ills
Twitter's design, engineering heads to step down in management rejig
Bring an old phone back to life with a free Android alternative
Fundraising for Latam fintechs likely to be under pressure
Waymo has tens of thousands people on San Francisco robotaxi waitlist, co-CEO says
Musk's Starlink to apply for India licence by end of January
Musk says Tesla's Cybertruck will have four-motor variant

Others Also Read