Award Banner
Award Banner

Man warns of mobile phone shops stealing customer NRIC numbers, selling data to third parties

Man warns of mobile phone shops stealing customer NRIC numbers, selling data to third parties
PHOTO: Unsplash, Facebook/lajakeusg

Amid a recent spate of online data breaches affecting Lazada, Razer, Shopback and RedDoorz, a recent viral Facebook advisory bears a sobering reminder that we should also remain vigilant even when patronising stores offline.

Some mobile phone shops have apparently been selling their customers' personal data to third parties that are using their NRIC numbers to sign up for new phone lines and purchase phones, warned a Facebook user who goes by Ajaq Burg.

In a viral post shared on Wednesday (Nov 25), the man detailed how his own mother had fallen victim to the identity theft. 

His mother only realised something was wrong when she received a notice on Nov 13 from the Singapore Police Force's Commercial Affairs Department, informing her that she would have to head down to Teck Ghee Neighbourhood Police Centre on Tuesday (Nov 24), he said. 

According to Ajaq, an Investigation Officer informed his mother that various mobile phone shops had been using her NRIC when she turned up for the interview.

She was also provided with a list of the shops and asked if she could recall visiting them.

About 10 others were present at the neighbourhood police centre for similar cases that afternoon, he said.

"Please be careful especially when you provide [mobile phone shops] your NRIC," Ajaq urged in the post, which has since garnered over 1,500 shares.

"Please let your parents know about this."


Under the Personal Data Protection Act, it is illegal for organisations to collect, use or disclose NRIC numbers unless it is required by law or it is necessary to accurately identify an individual.

Businesses licensed under the Telecommunications Act are one such exception — they are required to keep a record of the NRIC numbers of customers who subscribe to mobile telecommunication services.

However, they are still required to abide by the PDPA's Data Protection Provisions and keep the data secure.

This website is best viewed using the latest versions of web browsers.