Singapore suffers 'most serious' data breach, affecting 1.5M healthcare patients including Prime Minister
In addition, outpatient medical data of some 160,000 patients were compromised, though, the records were not modified or deleted, said the Ministry of Health and Ministry of Communications and Information (MCI), in a joint statement late-Friday.
"No other patient records, such as diagnosis, test results or doctors' notes, were breached [and] we have not found evidence of a similar breach in the other public healthcare IT systems," they said.
The first sign of unusual activities was detected on July 4, 2018, by the Integrated Health Information Systems (IHiS), which is the public healthcare sector's technology agency and responsible for running local public healthcare institutions' IT systems.
The agency "acted immediately" to stop the illegal activities and implemented "additional cybersecurity precautions", whilst carrying out further investigation on the incident. Six days later, on July 10, IHiS informed the Health Ministry and Cybersecurity agency of Singapore (CSA) after confirming it had suffered a cyberattack.
However, while the attack was detected on July 4, it was later established that data "was exfiltrated" from June 27. A police report was filed on July 12 and investigations were ongoing. In the statement, CSA and IHiS described the attack as "deliberate, targeted, and well-planned".
"It was not the work of casual hackers or criminal gangs. The attackers specifically and repeatedly targeted Prime Minister Lee Hsien Loong's personal particulars and information on his outpatient dispensed medicines," they said.
No further data was compromised following the discovery on July 4 and IHiS had deployed further measures to tighten the security of SingHealth's IT systems, including temporarily separating internet access from workstations, resetting user and systems accounts, and installing additional system monitoring controls.
CSA said hackers had gained control through breaching a frontend workstation, from which they then were able to obtain privileged account credentials to gain access to SingHealth's database.
Full long article is here:
There is another good read on the leak here: