Singapore personal data hack hits 1.5m, health authority says

Singapore, a wealthy city state, which prides itself on its stability and security has disclosed that hackers have stolen personal data in Singapore belonging to some 1.5 million people, or about a quarter of the population, officials say.

They broke into the government health database in a “deliberate, targeted and well-planned” attack, according to a government statement.

Those targeted visited clinics between 1 May 2015 and 4 July of this year.

Data taken include names and addresses but not medical records, other than medicines dispensed in some cases.

“Information on the outpatient dispensed medicines of about 160,000 of these patients” was taken, the statement says.

“The records were not tampered with, ie no records were amended or deleted. No other patient records, such as diagnosis, test results or doctors’ notes, were breached. We have not found evidence of a similar breach in the other public healthcare IT systems.”

The data of Prime Minister Lee Hsien Loong, including information on his outpatient dispensed medicines, was “specifically and repeatedly targeted”. Mr Lee has survived cancer twice.

The government has previously warned of cyber-attacks, saying it has been the target of international hackers, but most attacks were foiled.

It has stepped up measures in recent years, including disconnecting computers for certain key ministries in the civil service from the internet, so that they operate on intranet only.

A cyber-attack last year targeted the defence ministry but only got basic information on military conscripts.