The Ministry of Defence (MINDEF) has announced that it detected a breach in its I-net system (I-net) earlier this month, which revealed that basic personal data, comprising NRIC numbers, telephone numbers, and dates of birth of around 850 servicemen and employees were stolen.
MINDEF said that the I-net provides Internet access to national servicemen and employees for their personal communications or Internet surfing using dedicated I-net computer terminals in MINDEF and Singapore Armed Forces (SAF) camps and premises, adding that no classified military information is stored on I-net.
It said that NRIC numbers, telephone numbers and dates of birth are required for I-net account management and these are stored on I-net.
While, the Ministry stated that classified matters in MINDEF/SAF use a different computer system with more stringent security features and are not connected to the Internet.
Upon detection, MINDEF noted that it disconnected the affected server from I-net. Immediate and detailed forensic investigations were conducted on the entire I-net to determine the extent of the breach.
As a precaution even though no breach had been detected, it noted that all other computer systems within MINDEF/SAF are also being investigated.
The Ministry said that investigations are ongoing.
According to MINDEF, the attack on I-net appeared to be targeted and carefully planned.
The Ministry said that the real purpose of the attack may have been to gain access to official secrets. Fortunately, this was prevented by the physical separation of I-net from its internal systems.
MINDEF said that all affected personnel will be contacted within the week.
It said that they will be informed that personal data had been stolen and to change their passwords for other systems if these use any of the stolen information, adding that they have also been advised to report any unusual activity related to the use of their personal information to MINDEF/SAF.
Affected personnel with further queries may also contact MINDEF/SAF at 1800-367-6767 or [email protected].
“As Internet access is needed by national servicemen and employees while they are in camp, MINDEF/SAF will continue to provide access to our servicemen despite this incident. We will continually strengthen our cyber defences as the level of targeted attacks is expected to continue and rise,” it said.
MINDEF noted that it has also informed the Cyber Security Agency and the Government Technology Agency of Singapore to investigate other Government systems. No breaches have been detected so far.
“MINDEF apologises for this breach and any inconvenience or harm caused to all affected servicemen,” it said.