SINGAPORE – The data of about 128,000 borrowers linked to a dozen licensed moneylenders was compromised after hackers breached the system of third-party IT vendor Ezynetic that hosted the information.

The clients have had their “personal identifiable information” stolen, said the Ministry of Law in a statement on July 25.

The 12 moneylenders are Ban King Credit, Credit 21, Lending Bee, Katong Credit, Credit Thirty3, GS Credit, 1AP Capital, Creditmaster, BST Credit, U Credit, Horison Credit and Credit Matters.   The ministry said the moneylenders have started to inform borrowers of the breach, reminding them to stay vigilant against possible phishing scams.

Ezynetic and the moneylenders have filed reports with the police, the Cyber Security Agency of Singapore, and the Personal Data Protection Commission.

A total of 20 firms made use of Ezynetic’s services, but eight were unaffected, the statement said, adding that the third-party system is neither hosted on nor linked to the Government’s network.

To prevent any further breaches, the Credit Bureau Singapore (CBS) has restricted access to the Moneylenders Credit Bureau platform for all 20 firms that use Ezynetic’s services.

The platform, which functions as a central repository of data, hosts the loan and repayment records of all borrowers of every single licensed moneylender in Singapore.

Stressing that it takes a serious view of the data breach, the Ministry of Law said licensed moneylenders have a duty to protect any informatio...