The SingHealth cyber attack also illustrates that it doesn’t take much time to do significant damage.
The MOH said the breach began June 27 and they detected it July 4, eight days later. “The breach was immediately contained, preventing further illegal exfiltration,” the advisory said.
If that is indeed the case, it is an unusually fast detection and response time, Jarva said, “considering that one of the studies done in North America stated that U.S. companies took an average of 206 days to detect a data breach.”
Still, it was enough time for those who had visited SingHealth facilities between May 1, 2015, and July 4, 2018, to have their data “illegally accessed and copied. The data taken include name, NRIC [National Registry Identity Card] number, address, gender, race and date of birth,” the MOH said.
“Information on the outpatient dispensed medicines of about 160,000 of these patients was also exfiltrated,” it said, adding that there had been no tampering with the records and that they didn’t include diagnoses, test results, or doctors’ notes.
In a Facebook post, Prime Minister Loong called the attackers “extremely skilled and determined” with “huge resources.”
But he said if they were “hunting for some dark state secret, or at least something to embarrass me…they would have been disappointed. My medication data is not something I would ordinarily tell people about, but there is nothing alarming in it.”