Source: Wipada Wipawin on Canva & gigaexperience on Instagram
A man has alleged that a security oversight by mobile service provider giga left him vulnerable to a costly SIM card security breach.
Speaking to MS News on 1 Nov, Mr Lee claimed he had been a victim of a “SIM swap cyber attack” just 36 hours prior.
He further elaborated on his experience in an email to various authorities, including the Infocomm Media Development Authority (IMDA) and the Ministry of Digital Development & Information (MDDI).
According to Mr Lee, the incident began on 30 Oct, when a hacker reportedly gained access to his login details. He alleged that, without secondary verification, the hacker was able to remotely install an eSIM, granting them access to his one-time passwords (OTPs) and two-factor authentication (2FA) codes.
As a result, he claimed he suffered financial losses of more than S$13,000 due to unauthorised access to his accounts.
The situation forced Mr Lee to freeze his SIM card, preventing him from using his digital wallet for purchases and commuting.
giga, however, has denied any security oversight on its part in connection to the incident.
Source: Wipada Wipawin on Canva
In an email, Mr Lee raised concerns over security issues he believes contributed to the SIM swap incident involving his giga account.
His claims include the lack of two-factor authentication (2FA) for account logins on giga’s platform and allowing eSIM installations without additional verification.
He also noted that giga’s customer service was “unresponsive” on 30 Oct and 31 Oct, which fell over a public holiday.
When he eventually reached a representative on 1 Nov, he said he was advised to email giga and file a police report.
According to Mr Lee, giga’s response was a generic reply confirming that an investigation had been opened, and he did not receive further updates.
In the email chain reviewed by MS News, giga acknowledged receipt of Mr Lee’s complaint and issued a support ticket.
In response to MS News’ inquiries, a giga spokesperson stated that “there has been no breach of giga’s systems”, asserting that Mr Lee’s claims were unfounded.
Source: gigaexperience on Instagram
“Our team has assisted the customer in securing his accounts, and thorough reviews indicate that our security protocols were correctly followed,” the spokesperson said.
Due to privacy regulations, giga was unable to disclose further details about the case.
It further emphasised the shared responsibility of digital security, adding: “We emphasise that customers play an essential role in safeguarding their digital accounts.”
Also read: S’pore Victims Lose S$10M To Online Ad Scams, They Install Apps That Allow Unauthorised Transactions
Have news you must share? Get in touch with us via email at news@mustsharenews.com.
Featured image adapted from Wipada Wipawin on Canva and gigaexperience on Instagram.
Passengers were seen screaming and flying off their seats as the plane dropped 8,300 feet.
Both parties, aged 70 and 60, are assisting with police investigations for intentional harassment.
The fire involved the engine compartment, SCDF said.
Localised flash floods typically subside within an hour, PUB said.
The police do not currently suspect foul play.
The victim is in critical condition.