Singapore-based firm fined S$74K for data breach due to weak password affecting over 500K users - Singapore News
Source: The Independent
Published on: 2024-05-25 05:55
SINGAPORE: The Personal Data Protection Commission (PDPC) has fined PPLingo S$74,000 for a data breach caused by a weak password that affected over half a million users. The Straits Times reported that the breach in April 2022 exposed sensitive personal information, including cellphone numbers, bank account numbers, signatures, and identity card numbers of Chinese nationals. This breach impacted 557,144 users, including more than 300,000 minors using the company's online language lessons. PPLingo, under the website LingoAce, offers Chinese and English language classes for children aged four to 15 worldwide. The data breach was facilitated by a weak administrator password, "lingoace123," which had not been changed for over two years. Based on the company's website name, this password was compromised through brute force attacks, a method where hackers use trial and error to crack passw...
(Please login to view full article)Third-Party Content Disclaimer
Content displayed on this platform may include news articles, reports, and other materials aggregated from publicly available third-party sources through automated tools. Such content is not created, written, commissioned, or edited by Straits Interactive Pte Ltd or the Data Protection Excellence (DPEX) Network.
While we take reasonable steps to ensure responsible publication, we do not independently verify all third-party information and make no representations as to its accuracy, completeness, or reliability.
The views, findings, and statements expressed in third-party content belong solely to the original source and do not reflect the views of Straits Interactive Pte Ltd or the DPEX Network.
If you believe any content is inaccurate, infringing, or should be removed, please contact us at legal@straitsinteractive.com. We will review the matter and, where appropriate, take action in accordance with our internal policies.
Unlock these benefits
Get access to news, enforcement cases, events, and actionable tips and guides
Get regular email updates and offers
Job opportunities, mentorship and career guidance
Exclusive access to Data Protection community - ask questions, network and share knowledge with peers and experts via WhatsApp and Linkedin
DPEX Network is a Community Initiative of Straits Interactive.
Copyright © Straits Interactive Pte Ltd. All Rights Reserved.
All intellectual property rights to logos and brands featured on this website remain the property of their respective owners.