The response of the Ministry of Health (MOH) to public concerns over the disclosure, that data of HIV-positive individuals in Singapore had been leaked online, has been tepid to say the least. Questions raised many days ago, in this newspaper and other media, remain unanswered. The key question is why the ministry chose to reveal the sensitive leak only now, when it appears to have been made aware of breaches on two earlier occasions. The first was in May 2016, when the ministry received information that an American residing here was in possession of confidential information that appeared to be from the HIV Registry. The second occasion on which the ministry was made aware was in May last year, when it again received information that the individual still had part of the records he possessed in 2016.
The ministry's concern for the sentiments of those on the HIV Registry is understandable. What is questionable is its belief that the individual would not make the stolen information public. He did so eventually, obliging the MOH to go public about the leak. Other queries, about the robustness of official investigations of the individual and his Singapore doctor boyfriend, have gone unanswered as well. Sufferers from Aids are the worst to be affected by the possible consequences of the leak, but they are not the only constituency at risk. Singaporeans at large would ponder the security of personal data stored in government hands. They have not recovered yet from Singapore's worst cyber attack, when hackers infiltrated the computers of SingHealth and stole the personal particulars of 1.5 million patients, including Prime Minister Lee Hsien Loong.