SINGAPORE: The account details of some Instarem users were revealed on other customers' app on Tuesday (May 13) night, in what the cross-border payments company described as a “technical incident”.
In response to CNA’s queries, Instarem said on Wednesday that it was aware that a “limited number” of users had been affected by a “technical incident”.
“Our team has taken immediate action to investigate the nature and scope of this incident, with our top priority being the security of our systems,” it added.
Based in Singapore, Instarem allows its users to make international transfers to more than 60 countries and offers a multi-currency travel card called amaze.
According to its LinkedIn profile, it is licensed to operate in Singapore, Australia, Malaysia, Hong Kong, Indonesia, Japan, India, Europe, the United Kingdom, the United States and Canada. Its website says it has more than 1 million customers.
Two Instarem users told CNA that when they logged into their accounts on Tuesday night, they found details belonging to someone else instead.
These included the user’s email address, phone number and latest transactions on Instarem.
Both users said they received emails from the platform about a “technical issue” that occurred around 8.50pm.
The company attributed the issue to an "unexpected bug" in its system, saying that some users may have "briefly seen partial user information" that is not from their account.
According to the email, all systems were returned to normal operations in 30 minutes.
Both users told CNA they first experienced the issue at around 9.30pm.
In its email, Instarem said users’ sensitive data, such as identification numbers, financial details or passwords, was not exposed or accessible.
"Our security and engineering teams are conducting a full root cause analysis and implementing additional safeguards to prevent such incidents in the future," it added.
"We deeply value the trust you place in us, and we take the responsibility of protecting your information extremely seriously. We apologise for any confusion or concern this may have caused."
The Personal Data Protection Commission told CNA it is reaching out to Instarem for more information.
Instarem told CNA it would provide a further update on the incident by 4pm on Wednesday.
Continue reading...
In response to CNA’s queries, Instarem said on Wednesday that it was aware that a “limited number” of users had been affected by a “technical incident”.
“Our team has taken immediate action to investigate the nature and scope of this incident, with our top priority being the security of our systems,” it added.
Based in Singapore, Instarem allows its users to make international transfers to more than 60 countries and offers a multi-currency travel card called amaze.
According to its LinkedIn profile, it is licensed to operate in Singapore, Australia, Malaysia, Hong Kong, Indonesia, Japan, India, Europe, the United Kingdom, the United States and Canada. Its website says it has more than 1 million customers.
Two Instarem users told CNA that when they logged into their accounts on Tuesday night, they found details belonging to someone else instead.
These included the user’s email address, phone number and latest transactions on Instarem.
Both users said they received emails from the platform about a “technical issue” that occurred around 8.50pm.
The company attributed the issue to an "unexpected bug" in its system, saying that some users may have "briefly seen partial user information" that is not from their account.
According to the email, all systems were returned to normal operations in 30 minutes.
Both users told CNA they first experienced the issue at around 9.30pm.
In its email, Instarem said users’ sensitive data, such as identification numbers, financial details or passwords, was not exposed or accessible.
"Our security and engineering teams are conducting a full root cause analysis and implementing additional safeguards to prevent such incidents in the future," it added.
"We deeply value the trust you place in us, and we take the responsibility of protecting your information extremely seriously. We apologise for any confusion or concern this may have caused."
The Personal Data Protection Commission told CNA it is reaching out to Instarem for more information.
Instarem told CNA it would provide a further update on the incident by 4pm on Wednesday.
Continue reading...