1.5m health records hacked in cyber attack targeting Singapore PM
Attackers repeatedly targeted cancer survivor Lee Hsien Loong’s personal data and information on medicine dispensed to him.
A cyber attack on Singapore’s public health system which breached records on 1.5 million people targeted the prime minister, officials said.
Attackers specifically and repeatedly targeted Prime Minister Lee Hsien Loong’s personal particulars and information on medicine dispensed to him, the communications and health ministries said. He has been treated for cancer twice.
Police investigations are ongoing.
SingHealth’s database had a major cyberattack. 1.5m patients, myself included, have had personal data stolen. CSA & SNDGG will work with MOH to tighten up defences & processes. We are convening a Committee of Inquiry to look into this. – LHL https://t.co/lO68rXKfQ3— Lee Hsien Loong (@leehsienloong) July 20, 2018
The attack on SingHealth data involved people who visited outpatient clinics from May 2015 to July 4, when the cyber attack occurred. Their data was copied, but officials say nothing was altered. Some had their records of dispensed medicines copied.
Mr Lee has been treated for lymphoma and prostate cancer.
He said on Facebook that if the hackers were looking for a dark state secret or something to embarrass him, “they would have been disappointed”.
The PM added: “My medication data is not something I would ordinarily tell people about, but there is nothing alarming in it.”
Officials said the cyber attack on July 4 was “deliberate, targeted and well-planned” and not the work of casual hackers or criminal gangs.
Police said a review of the SingHealth system will be conducted and affected patients will be informed.
SingHealth’s database has experienced a major cyber-attack. 1.5 million patients have had their personal particulars...Posted by Lee Hsien Loong on Friday, July 20, 2018
Channel NewsAsia reported that investigators had already determined who was behind the attack.
In a news conference with local media, David Koh, chief executive of the Cyber Security Agency of Singapore, declined to discuss the perpetrators for security reasons.
The attack on the SingHealth database is believed to be the most serious breach of personal data in Singapore’s history.
Around 1.5 million people who visited outpatient clinics from May 1 2015 to July 4 this year had their personal data accessed and copied, including names, identification card numbers, addresses, race, gender and dates of birth. Of that total, 160,000 also had their records of dispensed medicines copied too.
Officials said the patients’ information was not amended or deleted. And the hackers did not have access to other records, such as diagnosis documents, test results or doctors’ notes, the statement said.
Mr Lee, who has been Singapore’s prime minister since 2004, has been treated for intermediate-grade malignant lymphoma and prostate cancer. He underwent surgery to remove his prostate gland in 2015 and was subsequently given the all-clear by doctors.
He added: “My medication data is not something I would ordinarily tell people about, but there is nothing alarming in it.”