More than 200 e-case files accessed by unauthorised persons via State Courts' online portal

Preliminary findings show that a loophole was exploited in the Integrated Criminal Case Filing and Management System and court documents in other e-case files were viewed.
Preliminary findings show that a loophole was exploited in the Integrated Criminal Case Filing and Management System and court documents in other e-case files were viewed.PHOTO: SCREENGRAB FROM STATECOURTS.GOV.SG

SINGAPORE - More than 200 court case files have been accessed by a few accused persons without authorisation through the State Courts' online case management system.

Preliminary findings show that they had exploited a loophole in the Integrated Criminal Case Filing and Management System (ICMS), and viewed court documents in e-case files other than their own, said the State Courts in a statement on Wednesday (Nov 28).

Typically, only accused persons with a valid account can access the ICMS Accused Person access portal to view their case file using SingPass authentication.

The State Courts was first alerted to a possible vulnerability in the system on Nov 1, and discovered that 223 e-case files were accessed by a few accused persons without authorisation.

"Immediate steps were taken to fix the vulnerability. The e-case files had not been tampered with, and the integrity of ongoing proceedings was not affected," the State Courts said.

As of Nov 9, the State Courts and its system vendor, Ecquaria Technologies, have implemented additional security measures to enhance user access controls to protect the security and confidentiality of the information within, said the statement.

Letters will be sent to all affected individuals. A dedicated telephone hotline (6435-5651) and e-mail (query@statecourts.gov.sg) have been set up to address queries.

The police are investigating the incident.