SINGAPORE - A simple, default password shared by employees was possibly the weak link that allowed hackers to break into advertising and creative agency Splash Productions' website and deface it.

The incident, which happened about five to six years ago, was a wake-up call that spurred the company to drastically improve its cyber security, with a slew of measures to avoid a repeat.