A total of 1.5 million SingHealth patients’ non-medical personal data were stolen, while 160,000 of those had their dispensed medicines’ records taken too, according to MCI and MOH.
SINGAPORE: The "most serious breach of personal data” in Singapore’s history took place last month, with 1.5 million SingHealth patients’ records accessed and copied while 160,000 of those had their outpatient dispensed medicines’ records taken, according to the Ministry of Health and Ministry of Communications and Information.
Among those affected was Prime Minister Lee Hsien Loong, with the attackers “specifically and repeatedly targeting” his personal particulars and information of his outpatient dispensed medicines, the ministries said in a joint release on Friday (Jul 20).
Several other ministers were also affected, including Emeritus Senior Minister Goh Chok Tong.
The personal data taken from the 1.5 million patients include their names, NRIC numbers, address, gender, race and date of birth, the release said, adding that the hackers did not amend or delete the records.
Patients’ medical records, including past diagnosis, doctors’ notes and health scans, were not affected.
“We have not found evidence of a similar breach in the other public healthcare IT systems,” they said.
"UNPRECEDENTED" ATTACK
At a news conference on Friday, Health Minister Gan Kim Yong apologised to patients affected. Calling the attack "unprecedented", Mr Gan said: "I'm deeply sorry that this has happened ... We must learn from this and emerge stronger and more resilient from this incident."
Also at the conference was Communications and Information Minister S Iswaran who vowed to get to the bottom of the breach.
"I want to assure everyone that the Government takes with utmost seriousness its responsibility of ensuring the security of public sector IT systems and databases," he said.
Investigations by the Cyber Security Agency of Singapore (CSA) and the Integrated Health Information System (IHIS) confirmed that the attack was a “deliberate, targeted and well-planned cyberattack” and was not the work of casual hackers or criminal gangs.
Channel NewsAsia understands that authorities have established who might be behind such an attack. There are only a few countries in the world who have the level of sophistication shown during the cyberattack campaign.
"I apologise. We are not able to reveal more because of operational security reasons," CSA chief executive David Koh said at the news conference when asked which country might have been involved.
None of the stolen data has surfaced in the public domain, including that of the prime minister.
"The attackers deliberately, repeatedly and specifically targeted his information and they were able to access and copy the dispensed medication record of Prime Minister Lee Hsien Loong," Mr Koh said.
"It's perhaps best not to speculate what the attacker had in mind," he added in response to a question on why Mr Lee's data was targeted.
In an Facebook post, Emeritus Senior Minister Goh Chok Tong revealed that his non-medical personal particulars with SingHealth had also been stolen.
"Cyber theft is a key risk when going digital. But we cannot stop the digital advance and must strive to build the most secure Smart Nation," he added.
SOPHISTICATED ATTACK
According to MCI and MOH, IHIS database administrators detected unusual activity on one of SingHealth’s IT databases on Jul 4, and acted immediately to stop it. They carried on their investigations, while putting in place additional security measures, the release said.
From Jul 4 to Jul 9, they continued to monitor the network traffic closely before ascertaining it was a cyberattack and alerted superiors. On Jul 10, MOH, SingHealth and CSA were informed and forensic investigations were carried out.
It was found that data was taken out from Jun 27 to Jul 4 this year, and the patient records accessed and copied were from those who visited SingHealth’s specialist outpatient clinics and polyclinics from May 1, 2015, to Jul 4 this year.
CSA ascertained the cyberattackers first accessed the network after breaching a front-end workstation, and managed to get privileged access to the database over time while also showing sophistication in cleaning up their digital footprints when doing so.
SingHealth has since lodged a police report on Jul 12, and police investigations are ongoing. These investigations are separate from those looking into the cyberattack, Channel NewsAsia understands.
More at https://www.channelnewsasia.com/news/singapore/singhealth-health-system-hit-serious-cyberattack-pm-lee-target-10548318
If I may be permitted to comment, 2 things:
1. Our government won't reveal which country the hackers originate from probably for fear of further retaliation rather than security concerns; besides do you think the useless, cowardly PAP would dare to take any action against the hackers who might be state-sponsored and exist far beyond the shores of local jurisdiction? It ain't anywhere as simple as suing the pants off a helpless lamb like Roy Ngerng.
2. The dream of becoming a smart nation will always remain a dream, simply because our lee-ders just aren't smart enough to see things through.
COI to be convened to investigate cyberattack targeting PM Lee’s medical information
The authorities said that this attack will not derail Singapore's plans to become a Smart Nation.
The Ministry of Communications and Information (MCI) revealed (Jul 20) at a joint press briefing with Ministry of Health (MOH) that between May 1 2015 and July 4 2018, 1.5 million patients who visited SingHealth’s specialist outpatient clinics and polyclinics had their non-medical personal particulars (name, NRIC number, address, gender, race, and date of birth) illegally accessed and copied.
Data exfiltrated
MCI further said that information on outpatient dispensed medicines of about 160,000 patients was “exfiltrated” (stolen).
In particular, Prime Minister Lee Hsien Loong’s personal particulars and information on his outpatient dispensed medicines were “specifically and repeatedly” targeted. His dispensary records were copied out.
The attack is said to be “deliberate, targeted and well-planned” and it was “not the work of casual hackers or criminal gangs”.
This was a point that was repeated several times at the press briefing, by David Koh, the Chief Executive of the Cyber Security Agency.
Answering queries from the media, the authorities said that they know the origin country of the attack but will not reveal it for operational security reasons.
Committee of Inquiry formed
MCI said that this incident had “serious public health and safety implications.”
It said that Minister-in-Charge of Cybersecurity, S Iswaran, would convene a Committee of Inquiry (COI) with Richard Magnus, a retired Senior District Judge and member of the Public Service Commission, chairing the COI.
With reference to the attack, Iswaran said, “This is the most serious breach ever … we will get to the bottom of this.”
When questioned by media whether other Cabinet Ministers had their data stolen, Iswaran said, “You asked about the other Ministers. Our priority is to ensure all the records of SingHealth is safeguarded.”
Health Minister Gan Kim Yong said that he would extend his full support to help Iswaran with the COI. Gan added, “This is a very serious and unprecedented, massive cyberattack on the healthcare system.”
According to MCI, “the COI will establish the events and contributory factors leading to the cybersecurity attack, and the incident response. It will also recommend measures to better manage and secure SingHealth’s and other public sector IT systems against similar cybersecurity attacks in future.”
MCI will announce the COI’s composition and the terms of reference at a later date.
Iswaran noted that the COI will have both public and private hearings.
Government strengthening IT Systems
In light of the attack, MCI said that the Government “will take immediate action to strengthen our IT systems against similar cybersecurity attacks.”
The Cyber Cecurity Agency will work closely with all 11 key sectors to enhance the cybersecurity of their Critical Information Infrastructure systems.
According to MCI, a scan of all government systems found no evidence of compromise. Introduction of new ICT systems in the government will be paused while cybersecurity measures of government systems are reviewed.
MCI said that this attack will not derail any plans to transform Singapore into a Smart Nation and that the authorities will “learn from the experience of this deliberate and sophisticated cybersecurity attack, and implement measures to better secure our public sector IT systems and databses, and uphold public trust in our systems.”
https://www.prolificskins.com/forum/current-affairs/singapore-health-system-hit-by-most-serious-breach-of-personal-data-in-cyberattack-pm-lee-s-data-targeted
Instructional video for minister Gan and gang of nincompoops on how to commit hara-kiri correctly.
CPF money=good to see, cannot touch. Would it make any difference if they were all siphoned away?
Holy goldilocks, does that mean our CPF funds might be at risk too?
Cyber Security Agency chief executive David Koh and Health Minister Gan Kim Yong have failed us Sinkies.
According to Harakiri-Khaw, they must gut themselves with bushido blades now!!!!!!!