The Jalan app by mobilityX did the so-called classic mistake of mass email-sending that can turn out fatal, calling for further investigation
SMRT-backed company mobilityX has revealed around 500 personal email addresses of its users on Friday, August 10, which may potentially lead to a lawsuit for data breach, The Straits Times reported.
The mass email was to introduce a new mobile wallet feature called “Kaki” in their app Jalan.
Instead of using “bcc” to ensure the email addresses stay hidden, the company put all email addresses in “to” field, causing them to be exposed to one another.
mobilityX CEO Colin Lim apologised for the accident and is currently reviewing internal process to prevent such mistake in the future.
Local data protection experts warn that the distribution of such personal data can cause black market selling and invite cyber crimes towards the email addresses owner as this often is the case with online data.
Even without complaint submitted by the app’s users, Personal Data Protection Commission (PDPC) may conduct an investigation that may result in a fine.
Associate Professor Hannah Yeefen Lim from NTU’s Nanyang Business School explained the importance of appropriate training and instructions as this type of mistake can easily happen.
The Jalan app is currently being tested at the Nanyang Technological University (NTU) campus and nearby JTC Corporation CleanTech Park with its combinations of transport options, such as public transport, shared bicycles, e-scooters, private ride-hailing services, and autonomous vehicles. It helps commuters plan their travel, integrating route planning, booking, and payment.
e27 has reached out to Jalan.sg team for comments.
Image Credit: Energy Research Institute @NTU
The post mobilityX transportation app Jalan looks to improve internal processes after accidental email data leak appeared first on e27.