Hackers access 665,000 Marina Bay Sands non-casino rewards programme members' personal data

About 665,000 members of Marina Bay Sands (MBS) non-casino rewards programme were affected in a data security incident last month.

In response to a Stomp query, a spokesperson for MBS said it became aware of the incident on Oct 20 involving unauthorised access to some of its Sands LifeStyle rewards membership data on Oct 19 and 20.

"Upon discovery of the incident, our teams immediately took action to resolve it," said the spokesperson.

"Investigations have since determined that an unknown third party accessed customer data of about 665,000 non-casino rewards programme members. Based on our investigation, we do not have evidence to date that the unauthorised third party has misused the data to cause harm to customers.

"We do not believe that membership data from our casino rewards programme was affected.

"After learning of the issue, we quickly launched an investigation, have been working with a leading external cybersecurity firm, and have taken action to further strengthen our systems and protect data."

The personal data that was affected comprises members' names, email addresses, phone numbers, countries of residence, membership numbers and tiers.

The spokesperson added: "We will be reaching out to Sands LifeStyle loyalty programme members and sincerely apologize for the inconvenience caused by this incident.

"We have reported it to the relevant authorities in Singapore and other countries where applicable and are working with them in their inquiries into the issue."

In an email to members on Tuesday (Nov 7), MBS chief operating officer Paul Town wrote: "We also recommend that you remain extra vigilant against phishing attempts, particularly against clicking on links that may direct you to malicious websites where your password or other personal information may be requested."