Data Breach At Mustafa Group In Singapore Prompts Police Probe

Singapore’s data protection agency is investigating a massive data leak at the Mustafa group of companies – which runs a shopping mall in Little India, among other businesses – a media report said on Thursday.

A cyber attacker on the popular hacker forum BreachForums claimed to have stolen the personal information of Mustafa customers and employees.

“The forum has been shut down in recent weeks,” reported The Straits Times about the data leak that was reported on April 25.

The hacker, who previously claimed to have stolen data from a global database that companies use to identify potential criminals, alleged that he had obtained 180GB of data belonging to the Mustafa group.

Files uploaded onto the forum allegedly contained data including full names, Identity Card numbers, and home addresses, according to the Singapore daily, which also said that the files have since been removed.

The Personal Data Protection Commission told the newspaper that it is investigating the incident involving Mustafa and has contacted the group for more information.

Meanwhile, a Mustafa spokesperson said it has engaged external cyber-security professionals and an auditor and started a “thorough review” of its IT systems.

Ethical-empire.com, a website dedicated to cyber security, said, “A threat actor named ‘GHOSTR’ breached a staggering 180.3 GB of sensitive databases between March 20 and 31 due to the company’s poorly secured server network. This breach not only compromised Mustafa’s retail and financial arms but also affected its other ventures, including restaurants, travel services, and visa applications.”