Hackers have stolen the health records of 1.5 million Singaporeans, including Prime Minister Lee Hsien Loong, in the Lion City’s biggest ever data breach.
The health and information ministries said an official database was hacked in a “deliberate, targeted and well-planned” operation.
“It was not the work of casual hackers or criminal gangs,” the government said.
SingHealth has temporarily banned its staff from accessing the internet on all 28,000 of its work computers, the Straits Times reportedly.
The agency’s move is aimed at block leaks from work emails and shared documents while stifling further cyber-attacks.
Other public health-care organisations are expected to do the same.
Almost a third of Singapore’s population was affected.
“Attackers specifically and repeatedly targeted the personal particulars and outpatient information of Prime Minister Lee Hsien Loong,” health minister Gan Kim Yong told the media.
Singapore is hyper-connected and hopes to digitise government databases and essential services, while it has some of the most advanced weaponry in the region, which is seen as vulnerable to cybercrime.
“[The Singapore Cyber Security Agency] indicates this is a deliberate, targeted and well-planned cyber-attack and not the work of casual hackers or criminal gangs,” Gan added.
The prime minister’s data has not yet appeared online.
Lee, the world leader with the highest official pay with a wage is US$1.7 million a year, posted on Facebook: “I don’t know what the attackers were hoping to find. Perhaps they were hunting for some dark state secret or at least something to embarrass me.
“My medication data is not something I would ordinarily tell people about, but there is nothing alarming in it.”
In 2017, hackers broke into a defence ministry database, stealing details of around 850 military conscripts and ministry staff.
Hackers used a computer infected with malware to gain access to the database in late June before administrators said they spotted “unusual activity” about 10 days later.
The stolen data included personal information and details of medication but not medical records or clinical notes, the Singaporean authorities said.
“Health records contain information that is valuable to governments,” said Eric Hoh of cyber-security firm FireEye.
“Nation states increasingly collect intelligence through cyber-espionage operations which exploit the very technology we rely upon in our daily lives.”
Pioneering Singapore is vulnerable to cybercrime. Picture credit: MaxPixel