Personal Data Protection Commission Allowing Fine to Be Paid in Installments

The Personal Data Protection Commission (“the Commission”) fined Sendtech Pte. Ltd. (“Sendtech”) a penalty of $9,000 through 12 installments following a finding that it had breached its obligations under the Personal Data Protection Act 2021. On 13 February 2021, Sendtech informed the Commission of an unauthorized access to its Amazon Web Services (“AWS”) account through […]

Online Marketplace Vindicated from Cyberattack

On 14 May 2021, Carousell Pte. Ltd. (“Carousell”) informed the Personal Data Protection Commission (“the Commission”) about an incident of unauthorized access to its users’ accounts due to a “credential stuffing” attack. Credential stuffing refers to a type of cyberattack where a cybercriminal accesses user accounts from one organisation using the usernames and passwords stolen […]

Well-Known Software & Technology Company Fined for Erroneous Disclosure of Payroll Information

In its decision dated 30th July 2021, the Personal Data Protection Commission (“the PDPC”) has fined well-known software and technology company, SAP Asia Pte. Ltd. (“SAP”) $13,500 over its breach of its personal data protection obligations under Section 24 of the Personal Data Protection Act (“PDPA”). The Decision follows a complaint received by the PDPC […]

Sporting Goods Company Issued Warning for Data Protection Breach

The Personal Data Protection Commission (“the Commission”) issued a Warning to Specialized Asia Pacific Pte. Ltd. (“SAP”) for breach its personal data protection obligations under Section 24 of the Personal Data Protection Act (“PDPA”). Specialized Asia Pacific Pte. Ltd. is a wholesale company of sporting products and equipment including bicycles and healthcare equipment, established in […]