Online Marketplace Vindicated from Cyberattack

On 14 May 2021, Carousell Pte. Ltd. (“Carousell”) informed the Personal Data Protection Commission (“the Commission”) about an incident of unauthorized access to its users’ accounts due to a “credential stuffing” attack. Credential stuffing refers to a type of cyberattack where a cybercriminal accesses user accounts from one organisation using the usernames and passwords stolen […]