Singaporeans' stolen SingHealth data exposed to identity and tax fraud | Healthcare Asia Magazine
In Focus
Healthcare
Luz Wendy Noble
, Singapore
Published:

Singaporeans' stolen SingHealth data exposed to identity and tax fraud

The SingHealth cyberattack affected over 1.5 million Singaporeans, specifically 160,000 patients.

About 1.5 million patients that visited SingHealth’s specialist outpatient clinics and polyclinics from 1 May 2015 to 4 July 2018 have had their non-medical personal particulars illegally accessed and copied. Information on the outpatient dispensed medicines of about 160,000 of these patients was also withdrawn.

Considered Singapore’s largest cyberattack, the entities also stole the information of prime minister Lee Hsien Loong as well as other ministers of the government.

Sid Deshpande, research director at Gartner, explained how the initial statements indicate that a front-end workstation was compromised, followed by privileged access credentials being used to access a database. “Attackers are usually after administrator credentials because these often enable direct access to sensitive data,” he said.

Olli Jarva, managing consultant of software integrity group Synopsys, added that healthcare data has grown its value such that hackers are now willing to go the extra mile to obtain it. “This has been a growing trend over the past few years, such that healthcare data has outgrown the value of credit card or social security numbers,” he said.

Deshpande warned that the most immediate threats people will face are that of identity fraud, financial fraud, and tax fraud. "Data contained in healthcare records is more permanent than credit card information for example so citizens need to be alert to scams resulting from social engineering efforts," he added.

"Generally, information contained in medical records is more ‘permanent’ than financial information like credit card numbers – so this type of information likely fetches higher payouts on the dark web. It could also be sponsored by nation states that have interests inimical to Singapore’s," he said.

However, Deshpande noted how the cyber attack defence was able to get perform good detection and response capabilities. “Attackers usually intend to stay dormant in systems to avoid detection and cause further damage, so the fact that the breach was detected this early actually shows that the security teams, in this case, were actively monitoring systems to detect incidents,” he added.

Still, Jarva noted that from a security standpoint, the healthcare industry shares the same shortcomings as other enterprises, but with some added obstacles. Aside from the lack of resources, the industry also has to deal with an “extremely heterogeneous environment.”

“Whilst healthcare organizations may standardize on laptops and IT servers, providers also manage multiple devices that are attached to the network. These can include drug infusion pumps, imaging devices like MRI and CT scanners, and treatment software (such as those used to manage implantable pacemakers),” Jarva said.

Typically, large computer systems are part of a bigger project developed and delivered by System Integrators (third parties), where the supply chains can get complicated.

“This compounds the challenge to manage security, as different parts of the system may have different third-party software components and inherent vulnerabilities, and often, may not be properly identified and patched early enough. This isn’t a challenge that is unique to healthcare, it is a challenge that every large organization goes through,” Jarva added.

PwC Singapore digital trust leader Tan Shong Ye noted how an organisation’s future investments can focus on strategy, process, technology, people, and culture. “With the increase in emphasis on digital and information comes the need for cyber risk assessments to keep personal data, client data and intellectual property safe,” he said.

As a final measure, Tan reminded that cybersecurity hygiene should be a personal responsibility and a skill that everyone should pick up. “This includes installing anti-virus/malware software, ensuring that passwords are secure, checking that strong 2-factor authentication are required for sensitive on-line transactions, and to be careful of phishing emails that could cause malware to be installed on your computer without your knowledge, increasing the risk of data to be stolen,” he concluded.

Also Read

SATA CommHealth menyediakan layanan bagi warga lanjut usia Singapura yang ‘kurang terlayani’

Mengembalikan layanan penyakit tidak menular di Asia

Pemindaian AI terkini meningkatkan diagnosa di Shin Kong Wu Ho-Su Memorial Hospital

Rumah sakit di Taiwan ini menggunakan teknologi endoskop yang dibantu AI untuk mendeteksi polip dan kamera resolusi tinggi untuk telemedis.

KFSHRC Saudi bertumpu pada inovasi untuk mentransformasi layanan kesehatan

Rumah sakit ini mempercepat adopsi teknologi baru untuk memposisikan dirinya sebagai pemimpin global di bidang kedokteran.

Angkor Hospital merencanakan pusat trauma untuk anak-anak

Fasilitas ini akan memiliki ICU, ruang gawat darurat, ruang operasi, dan bangsal bedah.

Bali International Hospital dan HK Asia Medical mendirikan pusat jantung baru

Fasilitas ini akan menawarkan diagnostik, operasi invasif minimal, dan perawatan pasca operasi.

Pasar pencitraan medis Indonesia diproyeksikan tumbuh 6,12% CAGR hingga 2030

Salah satu pendorong utama adalah peningkatan inisiatif yang dipimpin pemerintah.

Rumah Sakit Pusat Kamboja beralih ke adopsi teknologi untuk meningkatkan layanan jantung

Salah satu teknologi kunci mereka adalah mesin ECMO untuk mendukung hidup yang berkepanjangan dalam kondisi kritis.

Ekspor farmasi Indonesia diperkirakan tumbuh 7,7% CAGR hingga 2028

Berkat upaya pemerintah dan aturan investasi baru untuk meningkatkan produksi domestik.

Jepang dan Indonesia tandatangani MoU untuk pelatihan perawat dan pekerja perawatan

Kemitraan ini bertujuan membimbing tenaga kesehatan Indonesia agar memenuhi standar tenaga kerja profesional Jepang.

Pusat gigi nasional Singapura berada di garda terdepan layanan gigi digital

Teknologi pemindaian intraoralnya menggantikan metode pencetakan gigi tradisional.

Inovasi medis global dan solusi berbasis AI menjadi sorotan

Medical Taiwan 2024 menghadirkan 280 peserta dari 10 negara dan mendorong integrasi teknologi dalam layanan kesehatan.
Join the community

Resource Center

The Untold Story of the Telehealth Surge: New Partnerships and New Risks

AI Adoption and Maturity in Healthcare: An Industry Benchmark

Print Issue

Read Here
Advertise
Sign Up

Awards

Apr
10

Healthcare Asia Medtech Awards

Apr
10

Healthcare Asia Awards

Apr
10

Healthcare Asia Pharma Awards

Event News

Global medical innovations and AI-driven solutions in the spotlight
Global medical innovations and AI-driven solutions in the spotlight
Medical Taiwan 2024 drew 280 exhibitors from 10 countries, boosting tech integration in healthcare.
Mayapada Healthcare Group wins big at Healthcare Asia Awards 2024
Co-Written / Partner Mayapada Healthcare Group wins big at Healthcare Asia Awards 2024
Dharmais Cancer Hospital garners two wins at Healthcare Asia Awards 2024
Co-Written / Partner Dharmais Cancer Hospital garners two wins at Healthcare Asia Awards 2024
National Cardiovascular Center Harapan Kita lauded at Healthcare Asia Awards
Co-Written / Partner National Cardiovascular Center Harapan Kita lauded at Healthcare Asia Awards

Videos

Hong Kong patients seek cheaper, faster healthcare in China

Hong Kong patients seek cheaper, faster healthcare in China

Healthcare Asia Awards 2024 Event Highlights

Healthcare Asia Awards 2024 Event Highlights

Cybercriminals target healthcare for personal health information

Cybercriminals target healthcare for personal health information

Asian Hospital invests in high-tech to fight The Big C

Asian Hospital invests in high-tech to fight The Big C

View more videos

Partner Sites

Asian Power
Asian Power
Asian Business Review
Asian Business Review
Asian Banking and Finance
Asian Banking and Finance
Retail Asia
Retail Asia