In the worst ever breach of personal data in Singapore, hackers have stolen information of 1.5 million patients, including that of Prime Minister Lee Hsien Loong, by infiltrating the computers of the country’s largest health group, the authorities said.
The hackers infiltrated SingHealth and stole the health records, including the outpatient prescriptions of 160,000 people, from the period between 1 May 2015 and 4 July 2018, they said.
The data theft happened between 27 June and 4 July. However, the hackers did not amend or delete the records, the Ministry of Health and the Ministry of Communications and Information said in a joint statement.
“Attackers specifically and repeatedly targeted the personal particulars and outpatient information of Prime Minister Lee Hsien Loong,” health minister Gan Kim Yong told a press conference.
Forensic analysis by Singapore’s Cyber Security Agency “indicates this is a deliberate, targeted, and well-planned cyberattack and not the work of casual hackers or criminal gangs,” he added. Officials declined to comment on the identity of the hackers, citing “operational security,” but said the prime minister’s data has not shown up anywhere on the internet.
“I don’t know what the attackers were hoping to find. Perhaps they were hunting for some dark state secret or at least something to embarrass me,” Lee wrote on Facebook.
“My medication data is not something I would ordinarily tell people about, but there is nothing alarming in it.”
Hackers used a computer infected with malware to gain access to the database between June 27 and July 4 before administrators spotted “unusual activity”, authorities said.
The compromised data includes personal information and medication dispensed to patients, but medical records and clinical notes have not been affected, the health and communications ministries said.
“Health records contain information that is valuable to governments,” said Eric Hoh, Asia-Pacific president of cyber-security firm FireEye.
“Nation states increasingly collect intelligence through cyber-espionage operations which exploit the very technology we rely upon in our daily lives.”
Earlier this month, the US National Intelligence Director Dan Coats described Russia, China, Iran and North Korea as the “worst offenders” when it came to attacks on American “digital infrastructure”.