A data breach that’s being described as Singapore’s “worst” digital attack on record exposed the personal information of an estimated 1.5 million people.
On 20 July, multiple ministries Singapore’s government held a press conference on what they believe was a state-sponsored attack.
They didn’t reveal whom they felt was responsible for targeting SingHealth, the island city-state’s largest collection of healthcare institutions. But they did disclose that the data theft occurred between 27 June 2018 and 4 July 2018 after someone infected one of SingHealth’s front-end workstations with malware.
Government officials first detected unusual activity on one of SingHealth’s databases on 4 July. The healthcare institution blocked unknown connections and changed some of its passwords in response. Less than a week later, Health Ministry, SingHealth and the Cyber Security Agency of Singapore learned that the anomalous activity was part of a larger digital attack.
Police received a report about the breach on 12 July.
In all, the incident compromised the personal information of 1.5 million people who visited SingHealth between 1 May 2015 and 4 July 2018. That’s more than a quarter of Singapore’s population. Among those affected were several ministers and Prime Minister Lee Hsien Loong, reported The New Paper. In fact, the ministries said during their press conference that the attackers “specifically and deliberately targeted” the PM’s information.
During the incident, bad actors copied and accessed patients’ names, addresses, dates of birth and other personal information. There’s no evidence at this time that they undermined the integrity of a single affected individual’s record or viewed medical data such as diagnosis details or doctors’ notes.
Singapore’s government announced that all of its Smart Nation initiatives designed to improve the health, mobility, lives and economy of the country, which include the creation of a National Electronic Health Record (NEHR) project, will be suspended while officials investigate the incident. SingHealth said it would temporarily ban web surfing on its 28,000 employees’ workstations and begin notifying affected patients in the meantime.
Government officials have agreed to create a Committee of Inquiry (COI) to investigate the incident.
Given attacks such as the one against SingHealth, it’s important that healthcare organizations strengthen their information security defenses. Here are some best practices that can help.