digicult

Singapore online retailer refutes claim that 900k customer accounts breached

Singapore online retailer refutes claim that 900k customer accounts breached
PUBLISHED ONNovember 12, 2014 6:11 AM

SINGAPORE - Online fashion retailer Zalora.sg has issued a statement to refute claims that its customers data have been leaked.

RELATED STORIES
 

The rebuke comes after online satirical group SMRT Ltd (Feedback) posted a screenshot on Tuesday evening showing a seller who claimed to have the details of 900,000 Zalora customer accounts.

The online vigilante group later clarified that the data breach amounted to 1.49 million Singapore online shopping accounts, of which 400,000 was from Zalora.sg and Reebonz.com.sg each. The remaining 650,000 account details were from Deal.com.sg, SMRT Ltd (Feedback) said.

An hour after SMRT Ltd (Feedback) posted the screenshot, a person claiming to be the Head of Data at Zalora Singapore, Dat Le, commented on the photo, saying that "[Zalora does] not have 900,000 customers in Singapore."

"I have just double checked myself for each of the order_id(s) showed and can confirm that," Dat Le said on his Facebook page.

Zalora.sg posted an official statement on its Facebook page today afternoon denying the data breach. 

[[nid:100485]]

"We've checked our database log and information and we confirm that the screen capped database that is posted is not our database," Zalora said.

"We would like to assure our online shoppers that we follow a comprehensive personal data protection policy, and our database is secured behind several layers of protection and access control, with detailed audit logs for monitoring."

According to the SMRT Ltd (Feedback) screenshot, the seller claimed to have been selling account information for the past four years, and was asking for $4,500 for the 900,000 account details.

Zalora said in its statement that its customer database "is extremely secure and has never been sold, monetised or shared with third parties." 

[[nid:68592]]

"We do not compromise on our customer's privacy. We are committed to finding more ways of keeping our database as secure as possible, as customer data privacy is of the utmost importance to us," Zalora said.

"As a leading e-commerce player, ZALORA recognises that customer data security is sacrosanct, and we built our organisation and ZALORA systems with this in mind."

These latest allegations come in the wake of the K Box saga where 300,000 of its customers' details were leaked.

On Monday, the Straits Times reported that Singapore's privacy watchdog, the Personal Data Commission is looking to form a panel of digital forensic experts to help with data breach investigations.

grongloh@sph.com.sg

[[nid:149313]]
Hacking
This website is best viewed using the latest versions of web browsers.