SINGAPORE - The personal information of about 4,000 people on the Singapore Art Museum's (SAM) online mailing list was compromised recently, said the art museum on on Wednesday.
The names, e-mail addresses, phone numbers and, in some instances, nationalities of these individuals were illegally published on New Zealand-based storage website mega.co. nz for at least two hours on Nov 5 before the webpage containing the data file was taken down.
It is understood that no identity card numbers or credit card details were involved.
Speaking to reporters after a press conference, Mrs Rosa Daniel, deputy secretary (culture) at the Ministry of Culture, Community and Youth and chief executive officer of the National Heritage Board, said: "We take a very serious view of this incident."
She added: "What it has pointed to is for us to be vigilant and take strong measures to secure our information."
On Nov 4, the Infocomm Development Authority (IDA) got wind of a tweet by an individual named "CtrlSalad" who claimed to have "3.6k" e-mail, numbers, names and IP addresses including the Government's. It also provided the link to the mega.co.nz website.
On Nov 5, IDA informed SAM of CtrlSalad's tweet and that its data might have been illegally published and uploaded on an overseas server.
The museum immediately lodged a police report and removed the data file stored on SAM's website.
Another tweet on Nov 5 which might have been deleted said: "Oh I love being me! Should I release the Singapore Database I've been sitting on? Hmmm... in the name of @RaptorSwagger and #TheSwagWagon."
It is not clear whether CtrlSalad is in Singapore or elsewhere but The Swag Wagon appears to be a hackers' group.
Police are working with SAM and the National Heritage Board to investigate the incident, and are not ruling out any possibilities including hacking. The Straits Times understands that police are also questioning those who had access to the compromised data.