Cyber Incident Victim: National University of Singapore Society

The National University of Singapore Society (NUSS) disclosed on November 1, 2021, that its website had been compromised in a hacking incident occurring in early October 2021. This breach resulted in the unauthorized access and exfiltration of personal data belonging to 1,355 society members. The stolen information included members' full National Registration Identity Card (NRIC) numbers, a critical national identification document in Singapore. NUSS did not publicly confirm whether the compromised data had been encrypted at the time of the breach. The society acknowledged the incident through an official statement but did not specify the exact date of intrusion detection or the technical methods employed by the attackers to infiltrate their systems.

The breach exposed affected members to potential identity theft and fraud risks due to the sensitivity of NRIC data. Media reports indicated the stolen information might have been offered for sale on dark web platforms, though NUSS did not independently verify this claim. The society did not describe any containment measures, forensic investigation processes, or system remediation efforts undertaken following the breach. No details were provided regarding notification timelines to regulatory authorities or affected individuals beyond the November 1 public disclosure. The incident highlighted vulnerabilities in NUSS's digital infrastructure, though the society did not disclose whether the website's security weaknesses had been addressed post-breach.