Asian Fintech GrabCar Reprimanded for Data Breach
The Singapore based GrabCar volunteered the information and cooperated in the investigation with regulators, and were fined SG$16,000.
The Singapore government have fined GrabCar SG$16,000 for a 2017 breach of data security. The Singapore based fintech company volunteered the information and cooperated in the investigation, leading to the lenient conclusion of the case.
The data breach related to the accidental disclosure of customers’ phone numbers and names in a marketing email. Over 120,000 emails contained the incorrect information and prompted security process changes within the company.
The Commissioner for the Personal Data Protection Commission, Mr Tan Kiat How, imposed the fine, saying that GrabCar "did not have adequate measures in place to detect whether the changes it made to the system that held personal data introduced errors that put the personal data it was processing at risk".
Grab was started by a Malaysian student of Harvard Business School. The company was founded in Malaysia in 2012 and moved headquarters to Singapore in 2014. It’s currently valued at US$10billion and has diversified into Asian markets including Vietnam, Indonesia, and Thailand.
GrabPay is their e-wallet brand which was launched in 2016 in Singapore is set to expand across ASEAN nations in the next year after already moving into Malaysian and Vietnamese markets. GrabPay also have their eye on the remittance market in South East Asia, with a potential market of 6.77million overseas workers sending money home.