A man has alleged that a security oversight by mobile service provider giga left him vulnerable to a costly SIM card security breach.
Speaking to MS News on 1 Nov, Mr Lee claimed he had been a victim of a “SIM swap cyber attack” just 36 hours prior.
He further elaborated on his experience in an email to various authorities, including the Infocomm Media Development Authority (IMDA) and the Ministry of Digital Development & Information (MDDI).
According to Mr Lee, the incident began on 30 Oct, when a hacker reportedly gained access to his login details. He alleged that, without secondary verification, the hacker was able to remotely install an eSIM, granting them access to his one-time passwords (OTPs) and two-factor authentication (2FA) codes.
As a result, he claimed he suffered financial losses of more than S$13,000 due to unauthorised access to his accounts.
The situation forced Mr Lee to freeze his SIM card, preventing him from using his digital wallet for purchases and commuting.
giga, however, has denied any security oversight on its part in connection to the incident.
In an email, Mr Lee raised concerns over security issues he believes contributed to the SIM swap incident involving his giga account.
His claims include the lack of two-factor authentication (2FA) for account logins on giga’s platform and allowing eSIM installations without additional verification.
He also noted that giga’s customer service was “unresponsive” on 30 Oct and 31 Oct, which fell over a public holiday.
When he eventually reached a representative on 1 Nov, he said he was advised to email giga and file a police report.
According to Mr Lee, giga’s response was a generic reply confirming that an investigation had been opened, and he did not receive further updates.
In the email chain reviewed by MS News, giga acknowledged receipt of Mr Lee’s complaint and issued a support ticket.
In response to MS News’ inquiries, a giga spokesperson stated that “there has been no breach of giga’s systems”, asserting that Mr Lee’s claims were unfounded.
“Our team has assisted the customer in securing his accounts, and thorough reviews indicate that our security protocols were correctly followed,” the spokesperson said.
Due to privacy regulations, giga was unable to disclose further details about the case.
It further emphasised the shared responsibility of digital security, adding: “We emphasise that customers play an essential role in safeguarding their digital accounts.”
Also read: S’pore Victims Lose S$10M To Online Ad Scams, They Install Apps That Allow Unauthorised Transactions
Have news you must share? Get in touch with us via email at news@mustsharenews.com.
Featured image adapted from Wipada Wipawin on Canva and gigaexperience on Instagram.
The 69-year-old was reportedly upset over his neighbour's refusal to apologise.
False claims include that GCB transactions occur without government checks on beneficial owners' identities.
The suspect casually watched as the woman became consumed by flames.
The thief left the wallet and more than RM200 behind, presumably to mislead the 72-year-old…
Such poor sportsmanship.
Earlier this year, three managers were found to have made manual updates on a customer’s…