Singapore: Hack of 1.5M patients’ records targeted PM Lee

Singapore: Hack of 1.5M patients’ records targeted PM Lee

Singapore: Hack of 1.5M patients’ records targeted PM Lee

For 160,000 patients, the data also included details on dispensed medicines.

Mr David Koh, chief executive of the Cyber Security Agency of Singapore, said that "this was a deliberate, targeted and well-planned cyber attack". At this stage, what Channel Asia understands so far is that the personal information of 1.5 million patients were stolen, including name, NRIC number, address, gender, race and date of birth. In the latest attempt to demonstrate their power, a group of hackers has broken into Singapore's largest healthcare institution, SingHealth.

Data exfiltration occurred between June 27 and July 4, the newspaper reported.

The Ministry of Health of Singapore was targeted by a group of hackers specifically and repeatedly by what is assumed to be a state-sponsored attack.

The attack on the SingHealth database is believed to be the most serious breach of personal data in Singapore's history.

The Prime Minister said the security and confidentiality of patient information is a top priority.

No further malicious activity has been detected since July 4, and all patient records in SingHealth's IT system remain in place, said the release.

The hackers first broke into SingHealth's IT system via a front-end workstation, and later managed to obtain log-in details to assess the database, according to CSA's investigations. The dataset covers the period from 1 may 2015 to 4 July 2018.

But authorities have put the brakes on these plans while they investigate the cyberattack. Officials said hackers didn't edit or delete any patient records, but only exfiltrated it to a remote server.

S Iswaran, the Communications and Information Minister was also said that the Government will look into this breach with utmost seriousness and will ensure the security of public sector IT systems as well as the databases.

SingHealth employees temporarily prohibited from using work computers.

I don't know what the attackers were hoping to find.

On 10 July, investigations confirmed that it was a cyber attack, and the Ministry of Health (MOH), SingHealth and CSA were informed.

"Nation states increasingly collect intelligence through cyber espionage operations which exploit the very technology we rely upon in our daily lives", he says, adding: "Many businesses and governments in South East Asia face cyber threats, but few recognise the scale of the risks they pose".

In his Facebook post about the attack, Lee warned that "those trying to break into our data systems are extremely skilled and determined".

"I am personally affected, and not just incidentally". "Singapore ranks among the leaders in cybersecurity, and we'd like to see more governments follow their lead in disclosing breaches". According to the 2017 Cost of Data Breach Study by Ponemon Institute, a lost/stolen healthcare record fetches US$408. "We have to go forward, to build a secure and Smart Nation".

Related news