Singapore’s Biggest Healthcare Group Hacked, 1.5 Million Patient Records Thieved

July 22, 2018

 

Singapore’s biggest healthcare group, SingHealth, has suffered a huge data breach that let hackers to steal private information of 1.5 million patients who visited SingHealth clinics between May 2015 and July 2018.

SingHealth is the biggest healthcare group in Singapore with 2 tertiary hospitals, 5 national specialty, and eight polyclinics.

As per an advisory released by Singapore’s Ministry of Health (MOH), along with the private data, hackers also succeeded to steal ‘information on the outpatient dispensed medicines’ of roughly 160,000 patients, including Singapore’s Prime Minister Lee Hsien Loong, and few ministers.

The thieved data includes the patient’s name, date of birth, race, gender, address, and National Registration Identity Card (NRIC) numbers.

The Ministry of Health said the hackers “particularly and repeatedly” targeted the PM’s “private particulars and information on his outpatient dispensed medicine.”

So far there is no proof of who was behind the attack, however, the MOH said that the cyber attack was “not the work of careless hackers or criminal gangs.” The local media is also guessing that the hack might be a work of state-sponsored hackers.

Probes by the Cyber Security Agency of Singapore (CSA) and the Integrated Health Information System (IHIS) also verified that “this was a premeditated, directed, and well-organized cyberattack.”

The Singapore government has ensured its inhabitants that no medical files were altered, or erased and that no analyses, test outcomes, or doctors’ notes were thieved in the attack.

All affected patients will be communicated by the healthcare organization over the next three days.

As the healthcare sector is part of the nation’s critical infrastructure, together with electricity, water, and transport, it has progressively become an appealing objective for hackers.

In the past few years, we have informed a number of hacks and data breaches, aiming the healthcare sector. Just previous month, it was disclosed that DNA registries of over 92 million MyHeritage clients were thieved in the preceding year by some unidentified hackers.

Earlier this year, it was informed that over half of Norway’s population revealed its healthcare data in a huge data breach that aimed the country’s main healthcare organization.

The main thing to safeguard against any data breach is to remain cautious, as nobody knows when or where your thieved identities will be used. Therefore, affected consumers will just have to remain careful.