Singapore health system hit by ‘most serious breach of personal data’ in cyberattack

[Vometra]

https://www.channelnewsasia.com/news/singapore/singhealth-health-system-hit-serious-cyberattack-pm-lee-target-10548318

A total of 1.5 million SingHealth patients’ non-medical personal data were stolen, while 160,000 of those had their dispensed medicines’ records taken too, according to MCI and MOH.

 

Will hiv status be stolen too?

[Guest 吸蜜懒觉]

Smlj! North korea behind it? Lol

[lonelyglobe]

so who should be held responsible? IT team sleeping? who need to apologise and step down?

[Guest Guest]

5 minutes ago, lonelyglobe said:

so who should be held responsible? IT team sleeping? who need to apologise and step down?

No one will be stepping down, let's move on with life.

[lonelyglobe]

really? no one to held responsible? if today aljunied grc system kena hacked, it is going to be a very very BIG news leh

[Guest Guest]

The hacker is definitely targeting at Pinky. Probably, HSK and CCS too.

Data from ordinary peasants like us is no use. The huge data collected probably is useful to pharmaceutical companies (Johnson & Johnson, Pfizer, Bayer, Abbott Laboratories & etc.) and they can afford to do it. These rich companies and resourceful in data collection. Thus, unlikely to do hacking. 
 

Actually, I suspected it is Singapore Gov't 自编 自导 自演 Only some top tiers Gov't might know what's going on.

[Guest Guest]

18 minutes ago, lonelyglobe said:

so who should be held responsible? IT team sleeping? who need to apologise and step down?

I hope GKY forced to resign!

If this happened in other countries, that Minister sure "go" first!

 

[lonelyglobe]

yap, did u just mention other countries.....so no one will need to go here

[Guest Guest]

44 minutes ago, Vometra said:

https://www.channelnewsasia.com/news/singapore/singhealth-health-system-hit-serious-cyberattack-pm-lee-target-10548318

A total of 1.5 million SingHealth patients’ non-medical personal data were stolen, while 160,000 of those had their dispensed medicines’ records taken too, according to MCI and MOH.

 

Will hiv status be stolen too?

How can this be allowed to happen? I am shocked in awe! Who is responsible? Why was our data stored in a data server!!

 

Govt shd do things the old ways all data write in card.

 

 

[Guest ConspiracyTheorist]

Thought garhmen servers are closed systems? Inside job eh?

[Ben Ben Ben]

1 hour ago, Guest 吸蜜懒觉 said:

Smlj! North korea behind it? Lol

+1

[Guest Blank]

All the jokers IT working there  are sleeping on their job... 

[Guest Guest]

10 minutes ago, Guest Blank said:

All the jokers IT working there  are sleeping on their job... 

Thats why I do not like tech stuff..i do not like those uber, honest bee, go online do this and that, facebook, bookinh.com etc..call me old fashion but I prefer things done the old way. What is wrong with a docket instead of a data server. 

[Guest Zoe Tay]

It's either China or North Korea.  Who else can be behind it?

[Guest So special?]

2 hours ago, Guest Guest said:

The hacker is definitely targeting at Pinky. Probably, HSK and CCS too.

 

And what is so special about these people, They have medical record of being no balls and afraid to be exposed?

[Guest Cheapo]

9 minutes ago, Guest Zoe Tay said:

It's either China or North Korea.  Who else can be behind it?

Cheap IT bought from China, or subcont IT to india to safe cost, thus can be easily hacked.

[Guest Guest]

1 hour ago, Guest Cheapo said:

Cheap IT bought from China, or subcont IT to india to safe cost, thus can be easily hacked.

 

Not surprised.  Next target may be the CPF Board... and all our CPF monies may be gone.

[Ben Ben Ben]

1 hour ago, Guest Zoe Tay said:

It's either China or North Korea.  Who else can be behind it?

If China wants to hack us, they will hack us so much earlier. Nothing much to gain for hacking us! So? Who? 

[Guest cyber attack 18]

I rec'd  sms saying that i'm  " not  affected by the cyberattack...all your data is secure . No action needed . We apologise for any anxiety caused"  

[Ben Ben Ben]

11 minutes ago, Guest cyber attack 18 said:

I rec'd  sms saying that i'm  " not  affected by the cyberattack...all your data is secure . No action needed . We apologise for any anxiety caused"  

You Heng Lo 

[riverrobles]

 I also I rec'd  sms saying that i'm  " not  affected by the cyberattack...all your data is secure . No action needed . We apologise for any anxiety caused"  

[lonelyglobe]

On ‎7‎/‎20‎/‎2018 at 8:34 AM, Guest Guest said:

 

Not surprised.  Next target may be the CPF Board... and all our CPF monies may be gone.

These will be the nightmare of all....lets hope these hackers still don't know what is inside CPF

[LeanMature]

On ‎7‎/‎20‎/‎2018 at 10:18 PM, Guest Zoe Tay said:

It's either China or North Korea.  Who else can be behind it?

 

Why not US or Russia ?  

[LeanMature]

5 hours ago, riverrobles said:

 I also I rec'd  sms saying that i'm  " not  affected by the cyberattack...all your data is secure . No action needed . We apologise for any anxiety caused"  

 

Are they sending such sms to everybody or to those affected only ?

[riverrobles]

I think to those affected only . I just received it yesterday. Go check your sms.

[LeanMature]

5 minutes ago, riverrobles said:

I think to those affected only . I just received it yesterday. Go check your sms.

 

Then why did the SMS said "not affected by the cyberattack" ?  

[riverrobles]

There is a clause redacted on based on the actual sms. You need to quote the actual sms so it would be factual. It actually says  „ mobile no., financial and medical records not affected“. Kindly also check other people, I think with the number of affected , you will see one of your acquainatances received it. I wish yours is safe.

[auscent]

Inadequate resources allocated to system update and anticipating problems. Keep basking in past glory. Other database like education, CPF prob waiting to be hacked.

[mate69]

33 minutes ago, auscent said:

Inadequate resources allocated to system update and anticipating problems. Keep basking in past glory. Other database like education, CPF prob waiting to be hacked.

 

Yes. This is very likely just the precursor to something much more sinister.

It will not be the first, neither will it be the last incident.

 

The sms sent out by SingHealth is to ALL people who went to the institutions within that time frame.

But there are 2 versions of that sms - one for those whose partial info was accessed, and another for those whose info wasn't accessed at all.

 

[auscent]

Precursor already seen in MRT management. Not about data leak but foresight in system maintenance. When all is good you should start thinking about next move.

 

[Guest Guest]

Singaporeans whose names, NRIC numbers, addresses, date of birth, race and sex were disclosed now live in fear FOREVER, of identity theft and being locked out of their various accounts, online and offline.

[Guest guest]

18 minutes ago, Guest Guest said:

Singaporeans whose names, NRIC numbers, addresses, date of birth, race and sex were disclosed now live in fear FOREVER, of identity theft and being locked out of their various accounts, online and offline.

What you mean being locked out? Even you have all these information, many accounts still need singpass login and OTP.

[Guest Fatty]

On 20 July 2018 at 7:34 PM, Guest Guest said:

I hope GKY forced to resign!

If this happened in other countries, that Minister sure "go" first!

 

No blame culture please.

[Guest Guest]

39 minutes ago, Guest guest said:

What you mean being locked out? Even you have all these information, many accounts still need singpass login and OTP.

 

Are you so naive as to think Singpass login and OTP are foolproof?  Haven't you heard of the China phone scams?

[LeanMature]

14 hours ago, auscent said:

Precursor already seen in MRT management. Not about data leak but foresight in system maintenance. When all is good you should start thinking about next move.

 

 

I fear that the day will come when they hacked into MRT operation system, causing two trains to collide.

[LeanMature]

14 hours ago, Guest Guest said:

Singaporeans whose names, NRIC numbers, addresses, date of birth, race and sex were disclosed now live in fear FOREVER, of identity theft and being locked out of their various accounts, online and offline.

 

Yes, forever unless you change your NRIC number, which is impossible or your home address.  

[Guest Guest]

14 hours ago, auscent said:

Precursor already seen in MRT management. Not about data leak but foresight in system maintenance. When all is good you should start thinking about next move.

 

System maintenance...haha..how do you know its not maintained? You have insight info? Please share! Or are you spreading fake news?

[LeanMature]

14 hours ago, Guest guest said:

What you mean being locked out? Even you have all these information, many accounts still need singpass login and OTP.

 

Many people used NRIC, addresses, date of birth or their combination as password and hackers are patience and good at guessing.  

[Guest Kanchiong Spider]

Our cheef of the Cyber Security Agency of Singapore (CSA) say no worries, 'no strong commercial value' as the info stolen are just “basic demographic data”. Anyone believe?

 

http://theindependent.sg/no-strong-commercial-value-to-stolen-data-cyber-security-chiefs-shocking-claim/

[Guest Guest]

4 minutes ago, Guest Kanchiong Spider said:

Our cheef of the Cyber Security Agency of Singapore (CSA) say no worries, 'no strong commercial value' as the info stolen are just “basic demographic data”. Anyone believe?

 

http://theindependent.sg/no-strong-commercial-value-to-stolen-data-cyber-security-chiefs-shocking-claim/

What do yoi expevt him to say? The world is ending? 

[Guest Kanchiong Spider]

10 minutes ago, Guest Guest said:

What do yoi expevt him to say? The world is ending? 

 

At least be honest about the potential harm rather than sweeping it under the carpet and pretend everything is all right. It doesn't do well for his credibility as a CSA chief either.

[Guest Guest]

Word has it that new NRIC numbers may have to be issued. LOL

[LeanMature]

1 hour ago, Guest Guest said:

What do yoi expevt him to say? The world is ending? 

 

Apologize and resigns. 

[auscent]

1 hour ago, Guest Guest said:

System maintenance...haha..how do you know its not maintained?

If maintained how come such breach? This isnt a small glitch.

[auscent]

15 hours ago, Guest Fatty said:

No blame culture please.

Line between blame culture and accountability is thin.

 

My CEO was hired to clean up mess left by pv administratn. He remarked prob with our organizn is too many ppl too polite to point out mistakes, hence snowballed problem.

[LeanMature]

18 hours ago, riverrobles said:

There is a clause redacted on based on the actual sms. You need to quote the actual sms so it would be factual. It actually says  „ mobile no., financial and medical records not affected“. Kindly also check other people, I think with the number of affected , you will see one of your acquainatances received it. I wish yours is safe.

 

Mine is definitely breached, as I had visited the mentioned polyclinic during the mentioned period of time.  But I don't think I will ever receive any SMS because I have changed my mobile number.  The person using my old number could have got my SMS.  

[lonelyglobe]

16 hours ago, LeanMature said:

 

Apologize and resigns. 

precisely, we can't pay them to shake leg and la kopi

[Guest Guest]

33 minutes ago, LeanMature said:

 

Apologize and resigns. 

A foreign country launched an attack.....and you want ppl 2 resign...wow your anti govt knowa no limit...

[shyc]

21 minutes ago, LeanMature said:

 

Mine is definitely breached, as I had visited the mentioned polyclinic during the mentioned period of time.  But I don't think I will ever receive any SMS because I have changed my mobile number.  The person using my old number could have got my SMS.  

If you are concern, you can check from:

https://datacheck.singhealth.com.sg/

 

or log on to Health Buddy App. 

 

Their messages are quite generic so nothing much. You may also read this https://www.channelnewsasia.com/news/singapore/how-to-know-if-the-sms-you-received-was-from-singhealth-10552792

just be on alert if you suddenly get calls for financial details or credit card number etc. 

[Rhyn]

Hey all! I'd like to add to this conversation (speculatively) about the situation and how serious it is, while also dishing out some advise on what you can do if you are one of the unlucky people affected by the situation. I also firmly believe that no one should be fired for this situation as it is akin to firing the whole security company because an Ocean-Eleven style of attack occured on a multi-million bank heist. 

 

I'm rather invested into the tech industry and from my preliminary analysis on the situation, there are some indisputable notions that we can draw based on the information presented by the authorities relevant to the case.

 

The one pertinent point about this attack is that it is specifically targetted at the Prime Minister to gather information about him. The attack was meticulously designed and crafted to extract personal data in an attempt to compromise the PM. With this in mind, the attackers are already aware that the security levels within Singapore are pretty air-tight.

 

Need evidence? If you've served in National Service, you should have come across two different sets of networked-computer systems in the army. They are air-gapped (which means completely separated from each other), Internet and Intranet connected systems that cannot communicate with each other. You need a USB drive to transfer data as even simple emails cannot be sent between these two systems. Also, even plugging in a simple USB drive needs authorisation from somebody with sufficient rank. This is indirect evidence that Singapore takes the security of data very seriously. If I recall correctly, a foreign entity tried to access the army's databases. I won't be surprised if the attackers are somewhat connected to this incident as well. 

 

If you need more convincing, we only need to look at the basic infrastructure of SingPass. Few years ago, it mandated that everyone, including elderly people who are technically-challenged and have precious information that they need to access when they have health related issues or otherwise, have to adopt the 2FA login process; something I find tedious myself at times. 

 

So I've just covered on the emphasis Singapore has placed on data, and we can now safely assume that government data in army or public domains should have ample and adequate safety in place. Which brings me to my next point: who would target the PM?

 

This should be a state-sponsored hacking, which means to say two things: one, it is politically-motivated. Two, there is pre-planning involved to coordinate this attack successfully. Money, possibly huge sums of it is required to sustain such an attack.

 

To increase the odds of success, the attackers had to understand how SingPass works, both physically and virtually. There was reports that the front-end of the system was compromised, which might mean that virtually, the attackers might have either successfully probed holes, or created holes in the login system. It is very likely at this juncture that an attacker has or had has physical access to the databases that houses all this information as well, whether as an insider or an outsider penetrating the security in place (Look up social hacking, it is an aspect often overlooked when people talk about hacking). 

 

If they have successfully gained some level of access into the systems, the internal security structure, if robust enough for detection, would pick up such an attack. Which it did! The IT technicians monitoring noticed suspicious and unusual activity and immediately shut down access to prevent additional data from being leaked. Furthermore, there was indication that the attackers were so careful they even covered their digital footprints to try and make it look like no one had illegally accessed SingPass's data. 

 

So with all this information at hand, we can safely deduce some of the likely country, or countries involved in this data heist. I'd speculate any further but I have insufficient information at hand.

In no particular order as any of these countries are capable, have money and their own political reasons...

 

1. America

2. Iranian regions

3. Russia

4. China

5. North Korea

 

These countries have had an extensive history of cyber warfare of constantly hacking each other in an attempt to one-up the other through valuable, government-sensitive information. Singapore also has ties to these countries, but I'm not aware of these countries that have bad blood with Singapore, maybe besides North Korea as their...uh...beloved president did visit Singapore a few months ago. 

 

What if your information is accessed?

 

Well, unless you're the PM, you should have nothing to worry about except expecting scams like fake distress calls asking for your money because they kidnapped your son and demand a ransom to be placed under the void deck chairs. Check that your data is not accessed here: https://datacheck.singhealth.com.sg. If it is, be on the alert that you might receive suspicious messages or emails from people who are taking advantage of this situation. Best thing to do is not reply any of these scams.