WHAT
Clarins said in a statement on its website that the incident was due to a critical vulnerability in a widely used software known as Log4j
A data security incident has impacted cosmetics company Clarins, which may involve the personal information of customers in Singapore. The company is reportedly investigating the incident and has not yet confirmed the extent of the breach or what personal information may have been compromised. Clarins is advising customers to remain vigilant and to monitor their personal information for any suspicious activity.
PDPA matters:
Organizations have a responsibility to secure personal information when utilizing third-party software solutions. It is important to thoroughly evaluate the security enhancement features to guard against potential vulnerabilities. Reasonable security arrangements must be put in place to protect against unauthorized access, collection, use, disclosure, copying, modification, disposal, or loss of storage media containing personal data.
Read more: https://sso.agc.gov.sg/Act/PDPA2012?WholeDoc=1&ProvIds=pr24-#pr24-