All patients who visited SingHealth's specialist outpatient clinics and polyclinics between May 1, 2015, and July 4 this year will be informed as to whether their data was stolen.
These notifications will be made through SMS or letters, SingHealth said yesterday following an announcement that its database had been the target of a major cyber attack.
The first SMSes were sent from 6pm yesterday, said SingHealth chief executive Ivy Ng. All affected patients should receive the messages within the next five days.
For the approximately 1.3 million patients whose personal particulars - including name, NRIC number, address, gender, race and date of birth - were illegally accessed and copied by hackers, an e-mail address will be provided to which they can write to raise any concerns.
As for the 160,000 outpatients who also had the records of their dispensed medicine stolen, a hotline number manned from 9am to 9pm will be provided for any assistance. The e-mail channel and hotline will be maintained for as long as necessary, said Professor Ng.
Patients whose phone numbers are not in the records will be informed via post within a week. The public can also check if they are affected on the Health Buddy app or at www.singhealth.com.sg.
Cyber Security Agency of Singapore chief executive David Koh said the authorities will monitor if the stolen records have been misused. "We are watching to see if anything appears on the Internet, both in the open and (on) less well-known websites," he said yesterday.