Hacker hands at work with interface around from Shutterstock.com

The Ministry of Defence (MINDEF) and Singapore Armed Forces (SAF) have experienced malware incidents involving the personal data of several thousand MINDEF/SAF personnel as two of its vendors, HMI Institute of Health Sciences and ST Logistics, reported data breaches in their systems.
In a statement on 21 December, MINDEF said that HMI Institute of Health Sciences (HMI Institute) has been contracted by the SAF since 2016 and ST Logistics has been a vendor since 1999. Both were provided with the personal data of MINDEF and SAF personnel for the provision of their services.
On 21 December, HMI Institute announced in a statement that it discovered a file server that was encrypted by ransomware of 4 December which contained the personal data of over 120,000 individuals including full names, NRIC numbers, date of birth, home addresses and email addresses. Among those, approximately 98,000 are SAF servicemen who attended the Cardio Pulmonary Resuscitation (CPR) and Automated External Defibrillation (AED) course provided by HMI Institute.
HMI Institute, owned by Health Management International, noted that the server was immediately taken offline and isolated from the internet and internal network. They then engaged a cybersecurity firm to investigate the incident. It was found that the attack was random and opportunistic, though there was no evidence to show that the data on the affected server was copied or exported. The statement said that there is a “low likelihood of a data leak”.
Mr Tee Soo Kong, Executive Director, HMI Institute of Health Sciences said: “We take this incident very seriously and we deeply apologise to the students and applicants affected and for the inconvenience caused. Preserving their privacy and keeping their personal data safe are our highest priorities.”
He added, “We have also put in place additional measures to fortify our systems against increasingly sophisticated cyber intrusions.”
As for ST Logistics, the company said the breach it experienced was a result of email phishing activities sent to its employees’ email accounts.
“This data, contained in working files residing in affected workstations, may have been exfiltrated,” it said.
The affected systems contained the full names and NRIC numbers as well as a combination of contact numbers, emails and residential addresses of about 2,400 MINDEF/SAF personnel. In this case, MINDEF said that preliminary investigations indicate that personal data could have been leaked.
ST Logistics, which is owned by Japan Post, added that it has carried out “extensive forensic investigations” via its own cybersecurity team supported by external cybersecurity experts.
Both companies reported the incidents to the Personal Data Protection Commission (PDPC) and the Singapore Computer Emergency Response Team (SingCERT). PDPC is investigating both cases.
MINDEF said, “MINDEF and the SAF take a serious view on the secure handling of personal data by our vendors. The security of their IT systems is an important factor that will be taken into account in the award of contracts.”
It added that it is engaging other vendors who hold MINDEF/SAF personnel information to strengthen the security of their IT systems.
Defence Cyber Chief Brigadier-General Mark Tan said, “The malware incidents affected the IT systems of our vendors. Although MINDEF/SAF’s systems and operations were not affected, the malware incidents in these vendor companies may have compromised the confidentiality of our personnel’s personal data. We will review the cybersecurity standards of our vendors to ensure that they are able to protect our personnel’s personal data and information.”
MINDEF notes that affected personnel are being notified of the breach from 21 December onwards.

Breaches in 2019

This latest incident is yet another in a string of security breaches in Singapore this year which culminated in the formation of the Public Sector Data Security Review Committee on 1 April to review how the Government secures and protects the data of its citizens. The government said in November it will be rolling out recommendations from the committee in 80% of its systems by the end of 2021, and the remaining 20% by end of 2030.
One of the cybersecurity incidents this year happened in March when Russian cybersecurity company Group-IB revealed its discovery of a massive data breach involving email log-in and passwords from several government organisations on the dark web since 2017 as well as over 19,000 compromised payment card details stolen and put up for sale by the hackers.
In a statement, Group-ID revealed that the breach involved Singapore’s Government Technology Agency, Ministry of Education, Ministry of Health, the Singapore Police Force and the National University of Singapore.
Also in March, insurance company AIA reported that one of its web portals containing the personal information of 200 people was found to be publicly accessible. In worse cases, the data of more than 800,000 blood donors were placed at risk over the internet due to unauthorised access by a Health Sciences Authority (HAS) vendor for over two months, also revealed in March.
Earlier in January, the Ministry of Health was notified by the police that the confidential data of 14,2000 individuals in the national HIV Registry, as well as 2,4000 contacts, has been illegally disclosed online.
Those were all in 2019. However, in June 2018, Singapore saw the worse cyber attack in its history which resulted in the personal data breach of 1.5 million patients of healthcare cluster SingHealth, including the information of Prime Minister Lee Hsien Loong.
According to data research, the number of leaked cards has increased by 56% in 2018 compared to 2017, following a string of breaches and cyber attacks in both the public and private sector.

Notify of
Inline Feedbacks
View all comments
You May Also Like

Ho Ching apologises on Facebook for her “monkey post”

While some were calling for restraint and some calling for more popcorns…


今日(6月4日)是60年代左派领导者,已故林福寿医生逝世八周年(生于1931年2月21日,逝于2012年6月4日)。他曾在已故建国总理李光耀政府期间,被拘留近20载。 功能八号氏族会今日在脸书专页贴文,悼念林福寿过去为新加坡作出的贡献和牺牲。与此同时,也勿忘那些在1963年2月2日,冷藏行动下的被迫害者。 当时政府号称冷藏行动为最大宗的国家安全行动。多达133人,依“维护公共安全条例”(PPSO)下, 在凌晨时分被逮捕。包括林福寿、工会工作人员、专家、教育工作者以及学生领袖,进行拘留并在未经审判下长时间监禁他们。 然而,在许多新闻报导中,都没有提及任何颠覆性文件或任何武器被扣押。“我们可以肯定地说,被捕者没有任何武器或颠覆性文件。他们甚至没有试图逃脱或抵抗逮捕。政府怎么能认为他们很危险必须被对付?” 社阵中委林福寿,得到来自吉隆坡友人预警有关警方的突袭行动,但他仍留在家里,也未拒捕。傅树介医生等人亦是如此。如果他们真的是颠覆或恐怖份子,难道不早就试图逃之夭夭? 人民行动党声称,被捕者是颠覆性、不忠的新加坡人,这是荒唐可笑的。当时有武器在手的都是辜加兵和参与行动的警察。每个被捕者都动用了10位武装人员。1963年使用的震慑策略,仍沿用至今。 由于政府没有任何针对被捕者的颠覆证据,也没有人受到审判。 在《内安法令》下,决策者完全可以滥用权力。可以无限期拘留林福寿等政治对手,甚至可以拘留一世。 在拘留的第十年,他被开出条件,若接受就能获释,但他拒绝接受李光耀的要求。1972年3月18日,林福寿医生透过妻子陈宗孟医生发出声明,显示他拒绝“给脸”李光耀,林福寿钢铁般的意志,导致他必须面对另外10年监禁的代价。 功能八号氏族会指出,容许《内安法令》存在的危险在于,若缺乏政府更迭和有力的反对党,那么像林福寿那样的拘留者很可能就这么被遗忘、无限期地被关在监狱。难道我们要继续任由政府滥用此恶法? 林福寿去世前一周,他还曾发简讯给光谱行动25周年纪念主办方,…

Sir, may I have the can please?

This excerpt is taken from Yawning Bread’s website. I was having a…