Friday, 20 July 2018

Singaporean prime minister Lee Hsien Loong among 1.5m hit by medical data hack



The prime minister of Singapore, Lee Hsien Loong, has had his details stolen alongside those of 1.5 million other patients.
 
The patient database of the country's SingHealth healthcare group, was stolen in "very serious and unprecedented, massive cyber attack", according to the country's health minister Gan Kim Yong.
 
 
"The attackers specifically and repeatedly targeted Prime Minister Lee Hsien Loong's personal particulars and information on his outpatient dispensed medicines," the ministry stated.


The hack of the country's largest group of healthcare providers, SingHealth, led to the theft of personally identifying information for a quarter of the country's 5.6m population.


It includes names and addresses, as well as prescription information in some instances - potentially allowing a hostile agency the ability to blackmail or otherwise attack the people whose data has been stolen.


The data breach is surprising for Singapore, which - as a developed financial centre - is considered to be among the most cyber secure in the Asia Pacific region.


It is a significant breach reminiscent of one at the Office of Personnel Management (OPM) in the US, when more than 21 million federal government staff's records were stolen.


Among the stolen documents held by OPM were copies of a document known as Standard Form 86, a 127-page questionnaire filled out by staff seeking security clearance.


This form included details which would be useful to a hostile intelligence agency seeking to blackmail government staff.
 
 
Eric Hoh, the president of Asia Pacific at cyber security business FireEye told Sky News: "Health records contain information that is valuable to governments and they are often targeted by nation-state threat actors.


"Nation-states increasingly collect intelligence through cyber espionage operations which exploit the very technology we rely upon in our daily lives.


"Many businesses and governments in Southeast Asia face cyber threats, but few recognise the scale of the risks they pose.


"Singapore ranks among the leaders in cyber security, and we would like to see more governments follow their lead in disclosing breaches. Disclosure enables other organisations to take steps to improve their defences against similar attacks."


Singaporean government spokespeople described the attack as "deliberate, targeted and well-planned" and said it was conducted by sophisticated hackers.


The chief executive of Singapore's cyber security agency, David Koh, said they had not yet found the prime minister's information for sale online.


Health minister Gan Kim Yong apologised for the breach: "I am deeply sorry that this has happened.


I would like to apologise to the affected patients."




SKY       News.