Novade extends support to stakeholders affected by data breach

Increased security enhancements put in place to mitigate future risks

SINGAPORE, 28 June 2021 – Novade, a leading software developer for smart field management in the building and construction industry, has completed investigations into a recent malware attack on its cloud storage system and has reached out to all stakeholders affected by the data breach.

The malware attack on Novade’s cloud storage system occurred on Friday, June 25, at 10 a.m. due to a reset link sent through a phishing email to one of Novade’s Services team members. The email was forwarded to Novade’s technology director, who used it to reset his account password. This resulted in a ransomware attack on the Novade app which contains records of customers, including government agencies.

Novade was alerted to the incident on Monday, June 28, after suspicious activity was observed on its network. While some customer information was accessed by the hackers, crucial and sensitive data within the app are encrypted and access to the data was restricted. It immediately shut down its servers between 10 a.m. to 6.30 p.m. and carried out various containment measures including:

• Identifying the breached databases on Novade’s cloud-based system
• Resetting all Novade employees and customer passwords
• Disconnecting and shutting down the infected laptop for all apps
• Deactivating and resetting the password of the compromised cloud account
• Restoring and recovering the backup data on the Novade platform
• Notifying all affected stakeholders to help them manage the possible risks involved and the appropriate follow-up actions to take

“I apologise unreservedly to all our customers and stakeholders for any inconvenience caused due to the recent breach in our database. Data privacy is paramount for Novade and we are working towards ensuring this does not happen again,” said Novade’s founder and CEO Denis Branthonne. “Given the complexity and sensitivity of our ongoing investigations, we are being as transparent as possible. We are working very closely with all our customers and supporting them in mitigating potential risks.”

To prevent the likelihood of similar incidents in the future, Novade will refine its phishing whitelist, maintain continual updating and enhancing of Novade’s network security, and conduct regular anti-phishing trainings, which will be included in the employee onboarding process.

“I’d like to thank all our customers and partners for their patience and understanding as we continue our cyber investigations to better understand the full extent of this breach. Information security remains our highest priority and we are conducting a thorough review of our systems and processes to strengthen them,” added Branthonne.

For more details on Novade, please visit www.novade.net.

###

Novade is an SG:D Accredited company under the Infocomm Media Development Authority (IMDA), a national agency of the Singapore government.

Connect with Novade Email: contact@novade.net Website: www.novade.net LinkedIn: www.linkedin.com/company/novade-solutions Facebook: www.facebook.com/novadesolutions YouTube: www.youtube.com/novade Twitter: www.twitter.com/novadegroup Instagram: www.instagram.com/novadesolutions

Media Contact Nicolette Yuen Senior Marketing Manager Tel: +65 6252 6905 Email: nicolette.yuen@novade.net

Vanessa Lim Communications Manager Email: vanessa.lim@novade.net

About Novade

Novade has a team of digital specialists dedicated to supporting clients in their digital transformation from the ground up. With global experience on a wide range of construction projects and processes, the team will be able to quickly adapt to your needs from specification through to delivery and on-site support.