About 685,000 registered user profiles on the HardwareZone (HWZ) Forum website were found to be affected in a security breach, following an investigation into a suspicious posting on Feb 18, 2018.
According to a press release from SPH Magazines which owns the website, investigations found that a Senior Moderator’s account had been compromised by an unidentified hacker. It was used to view approximately 685,000 registered user profiles since September 2017.
"The hacker used the compromised credentials to impersonate the Senior Moderator to retrieve user profile data which comprised name, email address and user ID, and possible optional data fields," said the statement.
It added that the HWZ database does not contain NRIC numbers, telephone numbers and addresses as these were purged in line with the Personal Data Protection Commission (PDPC) Guidelines in July 2015.
Forum users have been advised to change their forum account password.
SPH Magazines says a police report has been lodged and PDPC has been informed. It has also engaged security consultants to conduct a thorough review of the system.
"SPH Magazines and HWZ sincerely apologise to HWZ users for this breach of security. We remain committed to protecting all personal data shared with us," said the statement.