The personal details of 850 national servicemen and staff at the Ministry of Defence (Mindef) were stolen last month in what the ministry described as a "targeted and carefully planned" cyber attack possibly aimed at accessing official secrets.
Mindef has ruled out casual hackers, criminal gangs and an inside job, leading experts to believe that the attack, the first in which Mindef lost data, could be the work of foreign governments.
Early last month, Mindef discovered that a vulnerability in its I-net system had been exploited, resulting in the loss of NRIC numbers, telephone numbers and birth dates of 850 personnel.
The I-net system provides Internet access on thousands of dedicated terminals to national servicemen and other employees working in Mindef's offices and Singapore Armed Forces premises, such as army camps and naval bases.
At a briefing yesterday, Mindef's deputy secretary of technology David Koh apologised for the breach.
He said that after the attack was detected, the affected server was disconnected from I-net and the security vulnerability was fixed. No classified information was stolen.
Mindef, which is still seeking the culprit, added: "The real purpose may have been to gain access to official secrets, but this was prevented by the physical separation of I-net from our internal systems."
The delinking of classified systems from Internet computers prevents sensitive information from being accessed through the Web.
By May, all 100,000 public servants' computers will be delinked.
Explaining the delay in revealing the attack, Mindef said it needed to investigate the incident before informing the public.
It added that it will contact all affected personnel within the week.
They will be asked to change their passwords and report any unusual activity related to the use of their personal information.
No breaches in other government networks have been detected, said the Cyber Security Agency.
Security experts say the attack may have been state-sponsored.
Mr Aloysius Cheang, executive vice-president of global computing security association Cloud Security Alliance, said: "It is common for states to sponsor such attacks to access other countries' infrastructure, and build a portfolio of information that can be used to their advantage."
