July 25, 2018 Source: HealthcareIT News 791
An organized cyberattack on the Singapore government’s health database caused a leak of 1.5 million patients’ records, including Prime Minister Lee Hsien Loong, for nearly an entire week.
The hackers first attained access to privileged account credentials by attacking a front-end workstation, giving them entry to the database. Suspicious activity was noticed by officials on the 4th of July whereas the breach commenced on the 27th of June.
Investigators reported that there was no meddling found with the records; only a robbery of the data. Officials remarked that it wasn’t the work of “casual hackers or criminal gangs,” and was carried out with extensive planning.
Specifically, clinical visits to SingHealth’s outpatient clinics and polyclinics from May 1, 2015, to July 4, 2018, were targeted, the official statement said.
The breached data included demographic information and patient identification numbers. Also, information on outpatient-dispensed medications for 160,000 patients, including the prime minister, was stolen.
Officials swiftly worked to prevent additional illegal access and warned authorities to probe into it, once they became aware of the unusual activity. Meanwhile, the hackers kept on trying to gain access into the system. However, all suspicious activity stopped entirely on July 4.
The attack has resulted in tighter security setup in the health system, involving a temporary “imposing internet surfing separation.” The controls on workstations and servers have been beefed up, user and systems accounts are reset, and extra system monitoring controls have been installed.
By Dduyour submission has already been received.
OK
Please enter a valid Email address!
Submit
The most relevant industry news & insight will be sent to you every two weeks.