Hackers have stolen personal data in Singapore belonging to some 1.5 million people, or about a quarter of the population, officials say.
They broke into the government health database in a “deliberate, targeted and well-planned” attack, according to a government statement.
Those targeted visited clinics between 1 May 2015 and 4 July of this year.
Data taken include names and addresses but not medical records, other than medicines dispensed in some cases.
“Information on the outpatient dispensed medicines of about 160,000 of these patients” was taken, the statement says.
“The records were not tampered with, ie no records were amended or deleted. No other patient records, such as diagnosis, test results or doctors’ notes, were breached. We have not found evidence of a similar breach in the other public healthcare IT systems.”
The data of Prime Minister Lee Hsien Loong, including information on his outpatient dispensed medicines, was “specifically and repeatedly targeted”. Mr Lee has survived cancer twice.
How were systems breached?
They struck some time between 27 June and 4 July, according to the government.
SingHealth has temporarily banned staff from accessing the internet on all 28,000 of its work computers, according to the Straits Times.
The move is aimed at plugging leaks from work e-mails and shared documents as well as guarding against possible cyber-attacks.
Other public healthcare institutions are expected to do the same.
How vulnerable is Singapore to hacking?
It has stepped up measures in recent years, including disconnecting computers for certain key ministries in the civil service from the internet, so that they operate on intranet only.
A cyber-attack last year targeted the defence ministry but only got basic information on military conscripts.
In 2013, Mr Lee’s official website was “compromised” by people claiming to be members of the hacking group Anonymous.
The hackers posted an image of a Guy Fawkes mask – the symbol of the Anonymous group – on the prime minister’s site with the words: “It’s great to be Singaporean today.”
Anonymous had earlier threatened to target infrastructure in Singapore in what it said was a protest against licensing regulations on news websites.
Singapore is not the only country to be subjected to high-profile attacks by hacking groups. Others include:
A cyber-attack crippled the UK’s National Health Service (NHS) and other organisations around the world in May last year. A hacking group in North Korea known as Lazarus is believed to have launched the attack, which involved malware known as WannaCry
In 2014, the US claimed that North Korea was behind cyber-attacks on Sony Pictures, after the entertainment company released a film featuring the fictional killing of its leader Kim Jong-un.
Why target health services?
“Nation states increasingly collect intelligence through cyber espionage operations which exploit the very technology we rely upon in our daily lives,” he says, adding: “Many businesses and governments in South East Asia face cyber threats, but few recognise the scale of the risks they pose.”
Source : BBC