Klook notifies its customers of possible data breach

On 29 June 2018, Klook announced that it had suffered a potential data breach involving approximately 8% of its users who shared their data on its website between 11 December 2017 and 13 June 2018. The incident involved the possible compromise of customers’ personal data and credit card information.

Kroll, a global leader in third-party cyber security and forensic investigations, narrowed the incident down to a malicious piece of JavaScript code associated with a third-party web-based analytics tool, SOCIAPlus. Klook has confirmed that the data breach has not affected its mobile app users (Android and iOS).

Klook communicated the breach to the relevant regulatory authorities and is reviewing its cyber security protocols. Customers have been advised to contact their credit card issuer if they have any concerns.

What can you do to avoid such breaches?

Organisations that want to step up their cyber security should adopt ISO 27001, the international standard that describes best practice for an ISMS (information security management system).

ISO 27001 is one of the world’s most popular cyber security standards, providing specifications for how to deal with a range of information security risks, cyber risks among them. By implementing an ISMS, organisations are able to protect their information assets, prevent data breaches and limit their exposure to cyber security incidents.

IT Governance offers a range of tools and services to help you implement the Standard’s requirements, but to get started as quickly as possible, we recommend our consultancy service.

Drawing on our unique blend of practical information security know-how and proven management system consultancy expertise, our team will help you implement an ISO 27001-compliant ISMS without the hassle, no matter where your business is located.
