3 Biggest Data Breaches in Singapore: What You Should Know About It
1. December 2019
The year 2019 ended with frustrating news for Singapore's cybersecurity. Personal files and data belonging to 2,400 Ministry of Defence (Mindef) and Singapore Armed Forces (SAF) were put at risk, almost being leaked to the public.
A third part IT cyber security consultant employed by the government organisations that provided the logistics and equipping services claimed that the breach was a result of a series of email phishing activities involving malicious malware sent to its employee's emails. The system, full of names and NRIC numbers, and contact information of the whole staff, was affected.
The investigation of the incident concluded that it was a mere random and opportunistic attack on the server and there was no evidence that the data was successfully duplicated or exported.
2. January 2019
The second health data breach in the past year. Singapore's Ministry of Health admitted that confidential data that belongs to 14,200 people diagnosed with HIV were illegally leaked online for no reason or whatever.
The data includes name, contact info, HIV test results, and other medical information of 5,400 Singaporeans, and 8,800 foreigners dating up to January 2013. This kind of data normally needs a Security Assertion Markup Language (SAML) authentication or authentication on a higher tier.
The culprit, was one Mikhy Farrera Brochez, a 33-year-old American citizen who lived in Singapore between the years of 2008-2016. He was found guilty on several counts, including transmitting threats for extortion and illegally transferring the identification of another person, by a US court and was given a two-year sentence to service in jail.
3. July 2018
The largest city-state data breach happened in summer of 2018, 1.5 million patients to SingHealth's specialist outpatients clinics affected by it, including Prime Minister Lee Hsien Loong and a few ministers.
Personal information like names, National Registration Identity Card (NRIC) numbers, addresses, gender and dates of birth. 160,000 patients had details related to outpatient dispensed medicines as well.
Among the "top priority" recommendations proposed by Singapore healthcare institutions to work on were raising awareness of cybersecurity and tighten control of privileged administrator accounts.
There is no such thing as invulnerable protection because if the government wasn’t, the only thing you can do is make sure you are protected by hiring IT security solutions in Singapore to ensure your business’ security.
