ShopBack

ShopBack operates as an e-commerce cashback platform based in Singapore. Its core service involves providing customers with cashback rewards for purchases made through affiliated online retailers. The platform facilitates transactions and tracks user activity to enable these financial incentives, primarily targeting consumers in the Singapore market. This business model relies heavily on processing and storing customer transaction data to administer the cashback rewards effectively.

A significant distinguishing event impacting ShopBack occurred in September 2020 when the company experienced a cybersecurity incident involving unauthorized access to customer personal data. This breach prompted ShopBack Singapore to publicly disclose the compromise of user information and initiate an investigation, which also drew attention from local authorities. While the company acknowledged the incident, specific details regarding the exact nature or full scope of the compromised data were not initially provided in their announcement. This incident highlighted vulnerabilities associated with handling customer data within its cashback platform operations. Concurrent reporting mentioned a separate breach at another regional hospitality startup, RedDoorz, though that incident was assessed as not involving sensitive financial data or passwords; ShopBack's breach remained distinct and directly relevant to its user base and operational model. The disclosure underscored the cybersecurity risks inherent in its data-dependent business and its position within Singapore's regulatory landscape for data protection.