The “unauthorised data access” incident was uncovered on August 29 and the relevant authorities had been informed of the breach, MyRepublic, the company, which operates in the Asia-Pacific region with operations in Singapore, Australia and New Zealand, said in a statement.
The details stolen were identity verification documents related to customer’s applications for mobile services and including scanned copies of utility bills with residential addresses of foreigners here, as well as National Registration Identity Card of locals, it said.
Customers who ported an existing mobile service had their names and mobile numbers accessed.
MyRepublic said that there is currently no indication that other personal data, such as account or payment information, was affected.
MyRepublic has notified the Infocomm Media Development Authority and the Personal Data Protection Commission of the issue and will continue to cooperate with those authorities.