SignHealth, Singapore’s biggest healthcare group has witnessed a data breach, where around 1.5 million patients data who visited SingHealth clinics between May 2015 and July 2018 has been hacked. SignHealth with a network of 2 territory hospitals and 5 national specialty centers and eight polyclinics is the largest healthcare group in Singapore.
Singapore’s Ministry of Health released an advisory states along with the personal data the hackers also managed to get access to information on the outpatient dispensed medicines’ of about 160,000 patients, which also includes Singapore’s Prime Minister Lee Hsien Loong and few other ministers.
Ministry of Health further said – “On 4 July 2018, IHiS’ database administrators detected unusual activity on one of SingHealth’s IT databases. They acted immediately to halt the activity.”
It was confirmed that the stolen data consisted of the patient’s name, address, gender, race, date of birth, and National Registration Identity Card (NRIC) numbers.
The Ministry of Health said the hackers have been repeatedly targeting the PM’s “personal particulars and information on his outpatient dispensed medicine.” Though there has been no evidence of who has been behind the hacking attack, the Ministry of Health is sure it not the work of casual hackers or criminal gangs. There are speculations by local media which suggest the attack could be a work of state-sponsored hackers. These reports were supported by Investigations by the Cyber Security Agency of Singapore (CSA) and the Integrated Health Information System (IHiS) which confirmed that “this was a deliberate, targeted, and well-planned cyberattack.”
He believes that the attackers are “extremely skilled and determined” and they have “huge resources” to conduct such cyber attacks repeatedly.
The citizens have been assured by the Singapore government that no medical records were tampered, or deleted and that no diagnoses, test results, or doctors’ notes were stolen in the attack. All the patients who have been affected by the data breach will be contacted by the healthcare institution over the next five days.
The governments need to be vigilant about its nations infrastructure which includes Healthcare sector along with water, electricity, and transport, as it is becoming an attractive target for hackers. You never know when or where the stolen data will be used, so victims of this attack need to be careful.