10 Major Data Breaches In Singapore That Explain Why We Must Prioritise Cybersecurity

Data Breaches Have Been On The Rise In Singapore

Singapore was ranked the safest country in the world based on a report by the World Justice Project in 2018. However, it seems that data breaches are threatening our online safety.

In 2019 alone, there were 3 major data leaks that affected millions of Singaporeans. Over the years, there have been other high profile cases that you may have forgotten.

We revisit a few breaches that threatened Singapore since the ‘internet age’.

1. Y2K bug in 1999

The Y2K bug, also known as the Millennium Bug, messed with the formatting and storage of calendar data right before the year 2000.


The bug affected Singaporeans at every level.

To our average Singaporeans, it may have been slightly troublesome. For example, the bug caused computerised taxi meters to stop working in Singapore.

Tech stock companies were dealt a more severe blow. Many saw their stocks nosediving and could do nothing about it. The rapid fall in stocks also forced certain banks to sell off business assets.

2. Anonymous attacks in 2013

The Anonymous case was one of the most iconic in Singapore’s history. The hackers donned the infamous Guy Fawkes mask whenever they appeared on screen to speak.

Anonymous is a decentralised hacktivist group that focuses on correcting injustices.


2 hackers, who declared themselves part of Anonymous, declared war on Singapore due to a new law on web censorship.

The group attacked PAP’s webpage, leaking government employees’ personal information.

3. SingPass leaks in 2014

1,500 SingPass accounts were hacked into a few months after the Anonymous attacks.


The situation began when SingPass was informed of false password resets. People received letters informing them that they had reset their password when they did not do so.

At the time, 1560 SingPass accounts were potentially accessed.

Even after the breach, SingPass accounts were used for crimes such as fake work pass applications.

4. K Box Data Breach in 2014

More than 300,000 K Box members had their mobile numbers, ID card numbers, and addresses leaked in Oct 2014.


This incident was due to Singapore raising her causeway toll rate which enraged hackers, “The Knowns”.

They threatened to leak more information from other companies if their conditions were not met. Fortunately, they never followed up on their threats.

The leak was attributed to their lacklustre effort to protect clients information.

5. WannaCry Ransomware 2017

WannaCry ransomware encrypts files in your computer preventing you from accessing it. Attackers would only decrypt the files if you paid them a sum in Bitcoin.


Fortunately, the ransomware did not hit Singapore as badly as others. Only 500 IP addressed were affected by this.

The software had was stopped from spreading as a ‘kill switch’ was found ending the saga.

6. MINDEF got hacked in 2017

MINDEF was hacked by an unknown group of people in 2017.


Fortunately, the hackers only got away with the personal data of 850 NSmen as MINDEF keeps its information on a seperate server.

Based on MINDEF’s statements, the attack was pre-meditated and could even have been sponsored by other states that were trying to steal classified information.

7. SingHealth got hacked in 2018

Singapore’s worst cyber attack so far happened in 2018. 1.5 million SingHealth patients had their personal particulars stolen.


But what shook Singapore the most was that the attacks were directed at our Prime Minister Mr Lee Hsien Loong himself.

8. HIV data leak in 2019

The ‘hottest’ data breach of 2019 was probably the pair that were involved in HIV leak.


Mr Farrera-Brochez, Mr Ler Teck Siang’s lover, was charged with fraud and drug-related offences in 2016. He was deported back to America in 2018 after he completed his jail term.

His name resurfaced again in 2019 as he was suspected to have leaked the personal information of over 14,200 HIV-positive individuals.

9. Blood-donors personal information exposed in 2019

Over 800,000 blood donors had their information leaked online due to a loophole in the system.


A cybersecurity expert was the first to spot the system fault. Thanks to his report, HSA disabled the database and the police were informed.

10. MOH, MOE accounts sold on the dark web in 2019

A Russia cyber-security group found details like usernames and passwords of accounts related to MOH, MOE, Singapore Police and NUS and payment care details on the dark web.


Based on a spokesman of A Smart Nation and Digital Government Group, the main reason for these leaks are the misuse of government email addresses.

Government email addresses were being used for personal purposes like sign-ups for events and marketing promotions.

Singapore prioritising cybersecurity

Singapore’s track record doesn’t seem to be great considering that there were other small-scale cases not on this list.

However, when we look at the bigger picture, the government is doing a lot to improve cybersecurity.

During the Trump-Kim Summit, there were 40,000 attacks on Singapore. None managed to succeed due to measures put in place by the Cyber Security Agency of Singapore.

Do you think more can be done to fend off nefarious cyberattacks? Let us know in the comments below.

Featured image from Google Maps and Google Maps.

Drop us your email so you won't miss the latest news.

  • More From Author