Largest Cyberattack On Singapore Targets PM Lee And 1.5 Million SingHealth Patients

Cyberattack Was Deliberate, Targeted And Well-Planned: Cyber Security Agency

In what has been touted as the largest cyberattack on Singapore to date, hackers broke into the IT systems of SingHealth to steal records of the outpatient medication given to Prime Minister Lee Hsien Loong. Hackers also stole data of 1.5 million patients.

The Ministry of Communications and Information and the Ministry of Health announced this Friday (July 20). According to authorities, the attack took place in June this year.

They added:

The attackers specifically and repeatedly targeted Mr Lee’s personal particulars and information on his outpatient dispensed medicines.

PM Lee condemned the attack and speculated why hackers would seek his medical data.

Perhaps they were hunting for some dark state secret, or at least something to embarrass me. If so, they would have been disappointed. My medication data is not something I would ordinarily tell people about, but there is nothing alarming in it.

He later explained that he had decided to go digital with his health records, believing in the merits of doing so.

I was confident that SingHealth would do their best to protect my patient information, just as it did for all their other patients in the database.

The Prime Minister also shared how the Government would move forward from this cyberattack. A Committee of Inquiry will be convened to look into the matter. Data and IT security will also be beefed up across the Government.

How it was detected

Hackers behind the cyberattack targeted the SingHealth’s IT databases. On 4 July, administrators noticed unusual activity and halted it accordingly.

It was later established that data had been stolen from the database between 27 June and 4 July. But MOH stressed that healthcare services were not disrupted and that patient care was not compromised.

SingHealth will also be contacting all patients who visited its specialist outpatient clinics and polyclinics from 1 May 2015 to 4 July this year. Patients will receive an SMS notification regardless of  whether they affected by the data hack or not.

Patients can also turn to the Health Buddy mobile app or SingHealth website to find out if their data was compromised.

Now where are those CyberNSFs when you need them?

Featured image from Observer+.

  • More From Author