The Privacy Commissioner said on Monday that people should be careful about giving out personal data when using mobile apps to order food, after finding that some restaurants used customers' information for other purposes.

It reviewed 60 restaurants and found that 10 of them, including McDonald's, Starbucks and local noodle chain TamJai, have mobile apps that use customers' personal information for tracking and marketing.

At a press conference, Privacy Commissioner Ada Chung said officials were investigating restaurant chain Satay King for failing to obtain users' consent before collecting their data.

She said restaurants should allow customers to order food without collecting their data, and reminded customers to take steps to protect their personal information.

"We also advise customers to check the personal information and data collection statement, so as to ascertain the use of the personal data, and also the collection of the personal data," she said.

"They should also adjust the privacy settings if they do not want their data to be used, for example, for marketing purposes."

The watchdog said there was a 50 percent increase in reported data breaches last year, with 109 cases in the private sector and 48 in the public sector.

Chung attributed the rise to an increase in hacking cases, with the number more than doubling from 29 in 2022 to 64 in 2023.

"I would say internationally we also notice that there is an increasing trend in the number of hacking cases," she said.

Cyberport and the Consumer Council were hacked in September last year, with hackers demanding millions of dollars in ransom.