Jump to content

Your info leaked by NTUC Income

Osiris

By Osiris,
in Lite & EZ

 Share

Recommended Posts

Osiris

Osiris

1st Gear

The following letter is NOT written by me but EXTRACTED from ST forum.

 

I am posting this so that people will think twice about having a business relationship with them. shakehead.gif

 

I totally agreed with what Mr How said in his last paragraph.

What pissed me off is that this letter to the forum is only available online and not on the printed copies thumbsdown.gif.

 

 

Home > ST Forum > Online Story

Aug 23, 2007

 

Income staff showed blase attitude when told of breach in website

ON AUG 17 at 8pm, l logged onto NTUC Income's website at www.income.com.sg and used its Policy Online Enquiry (Pole).

 

I was shocked to see the policy of other policyholders and all their personal information, including their investment and insurance profile. On my second login, I was able to log into other policyholders' accounts using my own ID and password.

 

I called NTUC Income three times to inform it about this serious problem but I was shocked with its response.

 

The staff said that I should not be looking at other people's policies and asked me to log out immediately. On top of that, the customer relationship officer did not seem to have a sense of urgency, did not seem surprised, was very relaxed and did not take the call seriously. He said that he would log the case and send it to the IT department.

 

I called my friends in Income and informed them to escalate the matter to management.

 

Feeling uneasy about the matter, I called Income again on another number and, this time round, I was advised to log out immediately which I did. It was only then that the Pole component was shut down.

 

My questions to Income are:

>>This is a serious breach of security and I was kind enough to inform it and yet its response was not professional and I was not taken seriously. Is that acceptable?

 

>>The customer relationship officer told me that a few customers had also called about the problem. If that was the case, why was there no immediately action? In an IT datacentre procedure, the first thing to do is to shut down the Pole component and not let it run further.

 

Being in the IT line myself and being an engineer on standby for a mission critical system, I can say with certainty that Income's data centre standard operating procedure and chain of command on system failure are completely unacceptable. They are seriously flawed. I am disappointed by Income's handling of this situation.

 

How Hee Ping

↡ Advertisement
Link to post
Share on other sites
Osiris

Osiris

1st Gear
  • Author

don't think so lah. unless they so screw up and allowed their secure pages to be spidered. that has to be like deliberate.

Link to post
Share on other sites
Osiris

Osiris

1st Gear
  • Author
(edited)
>>The customer relationship officer told me that a few customers had also called about the problem. If that was the case, why was there no immediately action? In an IT datacentre procedure, the first thing to do is to shut down the Pole component and not let it run further.

 

laugh.giflaugh.gifmust be all trying to figure out wats wrong and pointing finger. Nothing being done until escalate high enough then someone steps in and say shut down.

 

 

maybe that's what they meant by improving transparency laugh.giflaugh.gif

Edited by Osiris
Link to post
Share on other sites
Maxus-MIFA9

Maxus-MIFA9

Supersonic

Always the case, ignore your feedback and take it easy.

 

Should have change some figures in some of those payout claim and let them [sweatdrop][sweatdrop][sweatdrop] and sh*t in their pants. [sly][sly][sly]

 

I believe they will immediately take action when millions of $$$ are payout.

Link to post
Share on other sites
Skydiver

Skydiver

Neutral Newbie

my personal experience ntuc income has been positive and pleasant. they are prompt in response in my queries and they always provide good customer service. i believe this matter could be an isolated case... take it easy people! [sunny][laugh]

Link to post
Share on other sites
Jolene

Jolene

Neutral Newbie

Ya...to be fair, everybody do make mistake, as long they take feedback and prompt in retifying the problem, we shall not be too harsh, this could be an isolated case.

 

Me too so far with good experience with NTUC Income, they are prompt in response and good in customer service. [inlove]

Link to post
Share on other sites
Nolicense

Nolicense

Turbocharged

Makes people think about the security of the system. Think your CPF, IRAS and e-government information is safe? they are all contracted out to GLCs to look after. e.g. NCS

 

glitches like that are due to human error, program error, and what not. nothing is fool proof. best to have fast and good response, which is what TS is so annoyed, the CS like not bothered ya?

↡ Advertisement
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...