The public was kept in the dark about a 2020 data breach of a Jamaica Public Service Company (JPS) billing platform that left confidential customer information wide open on the Internet, a whistleblower has revealed.
The platform was developed by the Amber Group.
The JPS data breach occurred almost four months before a similar lapse in the Government’s pandemic management website JAMCOVID – also developed by Amber – which left hundreds of thousands of sensitive personal information exposed on the Internet.
It is unclear how long the JPS data had been exposed and how many customers were impacted, as details about the extent of the October 2020 cybersecurity breach were never made public, according to the whistleblower.
Responding to questions submitted by The Sunday Gleaner about the incident, JPS, the country’s largest electricity distributor, confirmed that more than two years ago, there was a “minor breach on a test platform that had a small data set”.
JPS Media and Public Relations Manager Audrey Williams said this resulted in “very limited access to some customer data”.
“At no time has customers’ email information or credit card information ever been exposed. In fact, JPS does not even have the credit card information of customers, and therefore cannot access same,” Williams said in an email response on Friday.
She also released excerpts from a statement JPS issued to “a member of the media” on February 24 last year in which the utility company acknowledged...
by Lowell Here are a few international, national and Virginia news headlines, political and otherwise, for Tuesday, April 21. Clean energy generation exceeded rise in global electricity demand i...