SINGAPORE Straits Times reported that e-mail log-in information of employees in several government agencies and educational institutions, as well as details of more than 19,000 compromised payment cards from banks there, have been put up for sale online by hackers.
Russian cyber-security company Group-IB revealed on Tuesday (March 19) that it discovered the user log-ins and passwords from several government organisations on the dark Web over the last two years. The compromised payment card information, which it said was valued at more than $600,000, was found last year.
According to a press release from Group-IB, the organisations involved include the Government Technology Agency (GovTech), Ministry of Education, Ministry of Health and the Singapore Police Force, as well as the National University of Singapore.
The spokesman said: "These credentials comprise e-mail addresses and passwords provided by individuals. He added that the credentials were leaked not from government systems, but from the use of these government e-mail addresses for the officers' personal and non-official purposes. "Officers have been reminded not to use government e-mail addresses for such purposes, as part of basic cyber hygiene," he said.
This is the kind of thing that new-school security awareness training can easily prevent.