A total of 1.5 million personal data of Singaporean was stolen from SingHealth database in a cyber attack that called as the most serious breach of personal data in Singapore. This attack took place last month and affected to 1.5 million SingHealth patients’ records and 160,000 of those had outpatient prescriptions.
Among those affected was Prime Minister Lee Hsien Loong, with the attackers “specifically and repeatedly targeting” his personal particulars and information of his outpatient dispensed medicines. Several other ministers were also affected, including Emeritus Senior Minister Goh Chok Tong.
The hackers infiltrated the computers of SingHealth, Singapore's largest group of healthcare institutions with four hospitals, five national speciality centres and eight polyclinics. Two other polyclinics used to be under SingHealth.
The personal data of 1.5 million patients was illegally accessed and copied include their names, NRIC numbers, address, gender, race and date of birth, the release said, adding that the hackers did not amend or delete the records. Patients’ medical records, including past diagnosis, doctors’ notes and health scans, were not affected.
Health Minister Gan Kim Yong and Minister for Communications and Information S. Iswaran both described the leak as the most serious, unprecedented breach of personal data in Singapore. “We are deeply sorry this has happened,” said Gan as quoted by The Straits Times (Jul 20).
Investigations by the Cyber Security Agency of Singapore (CSA) and the Integrated Health Information System (IHIS) confirmed that the attack was a “deliberate, targeted and well-planned cyberattack” and was not the work of casual hackers or criminal gangs.
Initial investigations showed that one SingHealth front-end workstation was infected with malware through which the hackers gained access to the database. The data theft happened between June 27, 2018, and July 4, 2018.
SingHealth has imposed a temporary Internet surfing separation on all of its 28,000 staff's work computers. Other public healthcare institutions will do the same. Unusual activity was first detected on July 4 on one of SingHealth's IT databases. Security measures, including the blocking of dubious connections and changing of passwords, were taken to thwart the hackers.
On July 10, the Health Ministry, SingHealth and the Cyber Security Agency of Singapore were informed after forensic investigations confirmed that it was a cyber-attack. A police report was made on July 12. No further data has been stolen since July 4 and all patient records in SingHealth's IT system remain intact and there has been no disruption of healthcare services.
SingHealth will be contacting all patients who visited its specialist outpatient clinics and polyclinics from May 1, 2015, to July 4, 2018, to notify them if their data has been stolen. An SMS message will be sent to all patients over the next five days.
All patients, whether or not their data has been compromised, will also receive an SMS notification over the next five days. They can also access the Health Buddy mobile app or SingHealth website to check if they are affected by this incident.
Sources: channelnewsasia.com, straitstimes.com, moh.gov.sg