Stop whatever you're doing right now. Yes, even pre-ordering your iPhone 6 or iPhone 6 Plus with M1. Well, you can't really do that because the telco has halted the pre-order site due to a potential security breach.
Details surrounding this incident are still unconfirmed. But as of 7.28pm on 15 September, M1 has posted a message on its Facebook page, indicating that it has closed the pre-orders.
The iPhone pre-orders haven't gone so well for the telco since it was announced last Friday. When it was announced, M1's pre-order page was facing technical difficulties, with many (including us) not able to access the page.
We've since reached out to M1 to confirm the details of the incident, and will update the story with further information.
What really went down
UPDATED 16/09/14: As you already know, the M1 iPhone 6 or iPhone 6 Plus pre-orders were suspended yesterday evening as a result of "a potential security breach". What actually happened, is that a Computer Science masters student found a security loophole in M1's website while he was trying to secure a new iPhone for himself.
Using a cookie modifier plug-in on Google Chrome, the individual managed to retrieve forms with private customer data, such as NRIC details, home addresses, and even phone numbers, on them. He alerted the telco immediately of the loophole by posting on its Facebook page.
"If some hacker found this, I am sure all your customers' information will be leaked within hours (including mine). Please let your tech team contact me ASAP," he wrote.
M1's since issued a statement to the media, saying that the site was restored at 7.15am this morning, and that an update was put up on its Facebook page.
“M1 places the utmost priority in protecting our customer data and privacy and has implemented strict processes and procedures to safeguard customer information, including conducting regular security audits. We... will be conducting a full review on this incident,” it added.
[Source and image: CNA]
Additional reporting by Hafizah Osman