YKGI, the operator of local F&B outlets, such as Yew Kee Duck Rice and Chicha San Chen, announced that it has recently encountered a cybersecurity incident, where its customer relationship management system which is operated by an external vendor was subject to a hacking incident.
An unknown party has gained unauthorised access to one of the vendor’s shared servers which resulted in an unauthorised access to the Chicha San Chen membership database stored on the shared server. Upon discovering the Incident, the vendor took immediate action to patch the server vulnerability.
YKGI has reported the cybersecurity Incident to the Personal Data Protection Commission.
Based on the investigations and analysis conducted by the vendor, the data leaked includes the personal information of Chicha San Chen member such as the member names, mobile numbers, email addresses and encrypted login passwords.
The group has initiated the process of notifying individuals whose data has been affected and recommends all members to change their login passwords as soon as possible. It will continue to work with the vendor to strengthen the cybersecurity.
Additionally, the group will be conducting a thorough review of the incident to ensure that the data entrusted to the vendor remains safe and secure.
See also: Chinese group accused of hacking Singtel in telecom attacks (update)
The group says that it is fully committed to responding to this incident transparently and proactively. The investigation is ongoing, and it will provide further material updates as new developments arise.
Shares in YKGI YK9 closed 5.4% higher at 9.7 cents on June 19.
