fbpx
genki sushi singapore
In this article

Another day, another data breach.

This time, around 360 of popular sushi chain Genki Sushi’s current and former employees have been affected.

The Personal Data Protection Commission (PDPC)’s investigations on a ransomware attack that happened last September revealed that the compromised server was an “off-the-shelf software application” that let employees view electronic payslips and for supervisors to confirm attendance of staff.

Data compromised are said to include the names of employees, their NRIC and Foreign Identity Numbers, bank account information, salary details, mobile phone numbers, and name of relatives.

Investigations also showed that Genki Sushi did not have a firewall for the server, but even after installing one, it still “failed to configure the firewall to filter out external threats”.

Wrote PDPC: “In other words, the server’s firewall was ineffective at filtering out any external threats.”

“For a server that held sensitive personal data, the security measures implemented by the organisation were inadequate.”

Genki Sushi also admitted that it did not conduct periodic penetration tests within the last 12 months before the attack, and “could not produce any evidence it had done any patching” during the same time.

For breaching the Personal Data Protection Act (PDPA), Genki Sushi was fined S$16,000, and said that it has since tightened its security by “replacing the affected server, encrypting its software’s database, engaging an external vendor to monitor its network and server logs as well as to assist with updating and patch management for the server”.

Subscribe to our newsletter

Stay updated with Vulcan Post weekly curated news and updates.

Vulcan Post aims to be the knowledge hub of Singapore and Malaysia.

© 2021 GRVTY Media Pte. Ltd.
(UEN 201431998C.)

Vulcan Post aims to be the knowledge hub of Singapore and Malaysia.

© 2021 GRVTY Media Pte. Ltd.
(UEN 201431998C.)

Singapore

Edition

Malaysia

Edition

icon-malaysia.svg

Malaysia

Edition

Vulcan Post aims to be the knowledge hub of Singapore and Malaysia.

© 2021 GRVTY Media Pte. Ltd.
(UEN 201431998C.)