In a significant security lapse, Mustafa Singapore, renowned for its 24-hour shopping mall, jewellery outlets, and diverse financial services, fell victim to a large-scale data breach spanning its entire business spectrum.
A threat actor named “GHOSTR” breached, staggering 180.3GB of sensitive databases between March 20th and 31st, 2024, due to the company’s poorly secured server network.
This breach not only compromised Mustafa’s retail and financial arms but also affected its other ventures, including restaurants, travel services, and visa applications.
The incident raises serious concerns over the cybersecurity measures employed by the company, especially given its prominent status in Singapore’s business landscape.
Despite notifying Mustafa’s management of the breach in early April, the hackers received no response until recently, when news of a separate data breach involving the World-Check database surfaced.
It appears that the Mustafa breach is directly linked to vulnerabilities in how the company utilized the World-Check database for its Know Your Customer (KYC) and Anti-Money Laundering (AML) processes.
The scope of the breach is alarming, with stolen data encompassing personal information from Mustafa’s various sectors, totaling over 3.5 million records.
Additionally, more than 400,000 biometric fingerprint records of both customers and employees were compromised in the breach, raising serious privacy concerns.
Never forget to check out our YouTube channel, ETHICAL EMPIRE, and keep reading our exciting blogs. Until next time, stay curious, stay secure, and keep exploring the fascinating world of cyber security. See you soon, bye!