Search
  • Straits Interactive

Breach of the Protection Obligation by MCST 3400

Adapted from: Breach of the Protection Obligation by MCST 3400

by Shermaine Ang Edited by Leong Wai Chong, CIPM, GRCP




A warning was issued to Management Corporation Strata Title Plan No. 3400 (MCST 3400) for failing to put in place reasonable security arrangements to prevent the unauthorised access of 562 individuals’ personal data stored in an internal directory.


Facts of the case


On 2 September 2019, the Personal Data Protection Commission (PDPC) was notified that a directory containing personal data belonging to MCST 3400 was accessible on the Internet by any member of the public. 


Back in April 2012, MCST 3400 had purchased a Network Attached Storage Device (NAS) for internal file sharing among its administrative staff over a local network. The directory was one of the files stored on the NAS. Not intending for the NAS to be connected to the Internet, the organisation was unaware that the directory could be accessed via an Internet Protocol address without the need for any login credentials. 


...continue reading

25 views
  • Facebook
  • YouTube

QUICK LINKS

CONTACT US

SINGAPORE

43D Beach Road Singapore 189681
Tel: +65 6815 8010
Fax: +65 6717 4885
Email: sales@straitsinteractive.com

MALAYSIA
Tel: + 603 9212 8533
Email: malaysia.sales@straitsinteractive.com

PHILIPPINES
Tel: + 63 91 7515 0369
Email: philippines.sales@straitsinteractive.com

Copyright © 20 Straits Interactive Pte Ltd. All rights reserved. 
All third party trademarks (including logos and icons) referenced remain the property of their respective owners.