/

What happened in the SingHealth data breach?

What happened in the SingHealth data breach?

Twingate Team

May 24, 2024

In July 2018, Singapore experienced its worst cyber attack when hackers infiltrated the databases of SingHealth, the country's largest group of healthcare institutions. Described as deliberate, targeted, and well-planned, the attack was initiated by unidentified state actors and raised concerns about data privacy and security measures in place to protect sensitive information.

How many accounts were compromised?

The breach affected approximately 1.5 million individuals.

What data was leaked?

The data exposed in the breach included patients' names, identification numbers, addresses, gender, race, and dates of birth, as well as outpatient prescription information for certain individuals.

How was SingHealth hacked?

Hackers breached SingHealth's databases by compromising a front-end workstation, gaining privileged access to the IT network and obtaining login credentials to access the database while concealing their digital footprints. They utilized customized malware to bypass antivirus and security tools, exploited coding vulnerabilities, and executed SQL queries to access and copy the data. Contributing factors to the breach included inadequate staff training, slow vulnerability fixes, and the use of outdated software and systems.

SingHealth's solution

In response to the hacking incident, SingHealth implemented enhanced security measures to protect its systems and prevent future breaches. These measures included temporarily removing internet access from all public healthcare IT terminals connected to the healthcare network, implementing additional system monitoring and controls, and enhancing network traffic monitoring. SingHealth also collaborated with the Cyber Security Agency (CSA) for forensic investigations and notified affected patients via text messages.

How do I know if I was affected?

SingHealth notified affected patients via text messages after the breach. If you were a patient at SingHealth and did not receive a notification, you may visit Have I Been Pwned to check your credentials.

What should affected users do?

In general, affected users should:

  1. Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.

  2. Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  3. Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

For more specific help and instructions related to SingHealth's data breach, please contact SingHealth's support directly.

Where can I go to learn more?

If you want to find more information on the SingHealth data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

What happened in the SingHealth data breach?

What happened in the SingHealth data breach?

Twingate Team

May 24, 2024

In July 2018, Singapore experienced its worst cyber attack when hackers infiltrated the databases of SingHealth, the country's largest group of healthcare institutions. Described as deliberate, targeted, and well-planned, the attack was initiated by unidentified state actors and raised concerns about data privacy and security measures in place to protect sensitive information.

How many accounts were compromised?

The breach affected approximately 1.5 million individuals.

What data was leaked?

The data exposed in the breach included patients' names, identification numbers, addresses, gender, race, and dates of birth, as well as outpatient prescription information for certain individuals.

How was SingHealth hacked?

Hackers breached SingHealth's databases by compromising a front-end workstation, gaining privileged access to the IT network and obtaining login credentials to access the database while concealing their digital footprints. They utilized customized malware to bypass antivirus and security tools, exploited coding vulnerabilities, and executed SQL queries to access and copy the data. Contributing factors to the breach included inadequate staff training, slow vulnerability fixes, and the use of outdated software and systems.

SingHealth's solution

In response to the hacking incident, SingHealth implemented enhanced security measures to protect its systems and prevent future breaches. These measures included temporarily removing internet access from all public healthcare IT terminals connected to the healthcare network, implementing additional system monitoring and controls, and enhancing network traffic monitoring. SingHealth also collaborated with the Cyber Security Agency (CSA) for forensic investigations and notified affected patients via text messages.

How do I know if I was affected?

SingHealth notified affected patients via text messages after the breach. If you were a patient at SingHealth and did not receive a notification, you may visit Have I Been Pwned to check your credentials.

What should affected users do?

In general, affected users should:

  1. Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.

  2. Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  3. Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

For more specific help and instructions related to SingHealth's data breach, please contact SingHealth's support directly.

Where can I go to learn more?

If you want to find more information on the SingHealth data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

What happened in the SingHealth data breach?

Twingate Team

May 24, 2024

In July 2018, Singapore experienced its worst cyber attack when hackers infiltrated the databases of SingHealth, the country's largest group of healthcare institutions. Described as deliberate, targeted, and well-planned, the attack was initiated by unidentified state actors and raised concerns about data privacy and security measures in place to protect sensitive information.

How many accounts were compromised?

The breach affected approximately 1.5 million individuals.

What data was leaked?

The data exposed in the breach included patients' names, identification numbers, addresses, gender, race, and dates of birth, as well as outpatient prescription information for certain individuals.

How was SingHealth hacked?

Hackers breached SingHealth's databases by compromising a front-end workstation, gaining privileged access to the IT network and obtaining login credentials to access the database while concealing their digital footprints. They utilized customized malware to bypass antivirus and security tools, exploited coding vulnerabilities, and executed SQL queries to access and copy the data. Contributing factors to the breach included inadequate staff training, slow vulnerability fixes, and the use of outdated software and systems.

SingHealth's solution

In response to the hacking incident, SingHealth implemented enhanced security measures to protect its systems and prevent future breaches. These measures included temporarily removing internet access from all public healthcare IT terminals connected to the healthcare network, implementing additional system monitoring and controls, and enhancing network traffic monitoring. SingHealth also collaborated with the Cyber Security Agency (CSA) for forensic investigations and notified affected patients via text messages.

How do I know if I was affected?

SingHealth notified affected patients via text messages after the breach. If you were a patient at SingHealth and did not receive a notification, you may visit Have I Been Pwned to check your credentials.

What should affected users do?

In general, affected users should:

  1. Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.

  2. Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  3. Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

For more specific help and instructions related to SingHealth's data breach, please contact SingHealth's support directly.

Where can I go to learn more?

If you want to find more information on the SingHealth data breach, check out the following news articles: