Singapore Health Database Hit by 'Major' Cyberattack

Friday, July 20, 2018

Mike Lennon


Singapore Prime Minister Lee Hsien Loong Targeted as Part of SingHealth Cyberattack

Singapore’s Ministry of Health (MOH) said Friday that a Singapore Health Services (SingHealth) database containing patient data, including personal information on Prime Minister Lee Hsien Loong, was hit by a “major” cyberattack.

According to an official statement, the breach impacted approximately 1.5 million patients who visited SingHealth’s certain clinics between May 2015 and July 2018.

“The attackers specifically and repeatedly targeted Prime Minister Lee Hsien Loong’s personal particulars and information on his outpatient dispensed medicines,” the statement said.

After detecting unusual activity on one of SingHealth’s IT databases on July 4, investigations by Cyber Security Agency of Singapore (CSA) and the Integrated Health Information System (IHiS) concluded that the attack was a “deliberate, targeted and well-planned cyberattack” that resulted in data being exfiltrated from June 27, 2018 to July 4, 2018.

Data accessed in the attack include name, National Registration Identity Card (NRIC) number, address, gender, race and date of birth. 

“CSA has ascertained that the cyber attackers accessed the SingHealth IT system through an initial breach on a particular front-end workstation,” the satement said. "They subsequently managed to obtain privileged account credentials to gain privileged access to the database. Upon discovery, the breach was immediately contained, preventing further illegal exfiltration."

IHiS, the technology agency for the public healthcare sector, said steps have been taken to bolster security, including reseting user and systems accounts, temporarily imposing internet surfing separation, and placing additional controls on workstations and servers. The agency also that additional system monitoring controls have been put in place, with . similar measures being taken for IT systems across the public healthcare..

Earlier this year, the Singapore’s Ministry of Defence (MINDEF) ran a bug bounty program, which ran from mid-January to early February, after a breach last year which hackers were able to steal personal data from about 850 military servicemen and other employees from a defence ministry web portal.

In August 2014, Singapore officials announced new measures to strengthen cyber security following attacks on a section of the prime minister's website, as well the website of the presidential residence. 

Singapore is the home city for SecurityWeek’s Singapore ICS Cyber Security Conference, an event dedicated to serving critical infrastructure and industrial internet stakeholders in the APAC region that is held each April. 

Related: Hackers Breached Non-Classified System at Singapore's Ministry of Defence

Related: Trump-Kim Summit Attracts Wave of Cyber-Attacks on Singapore

Possibly Related Articles:
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked