Q: What happened?
A: We are investigating an unauthorised data access on a third-party platform that we use to store mobile subscriber data. The data storage facility has since been secured, and the incident has been contained.
Q: How do I know if I’m affected?
A: Based on our investigation, the unauthorised access affects only some of our mobile subscribers based in Singapore. If you are in this group, you should have received an email from us with more information. Please reach out to us here if you did not receive the email, or if you have any additional questions.
Q: Does this mean we will experience downtime on MyRepublic networks?
A: Our operations and systems are not affected and continue to run smoothly without disruption.
Q: I am a MyRepublic broadband customer. Does this affect me?
A: There is no indication that our broadband customers are affected.
Q: What do I need to do in the meantime?
A: While we currently have no evidence of misuse of the personal data involved in this incident, we are taking steps to notify you of the possibilities. It is important that you remain vigilant for any potential signs of identity fraud. We recommend that you:
- Keep an eye on your financial and other accounts for suspicious activity, such as unauthorised transactions and changes to account details, and notify your bank as soon as possible if you notice any such activity;
- Check with Singapore Post that your mail has not been redirected if you find you are not receiving mail, and secure your letterbox (fraudsters sometimes redirect or steal mail to avoid detection);
- Contact us here if you receive an unsolicited number port request (fraudsters sometimes attempt to port mobile numbers to obtain access to SMS authentication messages)
It is also possible that someone could contact you in an attempt to trick you into providing more personal data or access credentials - this is called “social engineering”. To protect yourself against social engineering, you should:
- Be wary of anyone contacting you who requests personal data or access credentials from you, even if they appear to know other details about you;
- Not respond to email or SMS messages asking for personal data (few legitimate organisations will ask for personal information by email or SMS); and
- Be careful of unsolicited telephone calls which purport to be from a government authority or business (if you think the call is genuine, hang up and call the authority or business back on their public telephone number).
Q: What are you doing to prevent something like this from happening again?
A: We are reviewing all our systems and processes, both internal and external, to ensure an incident like this does not occur again.
Q: Has the incident been contained?
A: Yes, the incident has been contained.
Q: Who can I contact if I have any questions?
A: You may reach out to our customer support team here or call MyRepublic support hotline at +6568140014 (9am-6pm, Mon-Fri, excluding Public Holidays)