SingHealth cyber breach

Nothing alarming in my data, says PM Lee

In a Facebook post, Prime Minister Lee Hsien Loong said those behind the cyber attacks specifically targeted his medication data, but "there is nothing alarming in it".
In a Facebook post, Prime Minister Lee Hsien Loong said those behind the cyber attacks specifically targeted his medication data, but "there is nothing alarming in it".

Prime Minister Lee Hsien Loong yesterday assured Singaporeans there is nothing alarming in his outpatient medication data that was stolen by hackers.

He was among 160,000 patients who had information of their outpatient prescriptions pilfered from SingHealth's database, in the most serious data breach in Singapore's history. In all, the personal particulars of 1.5 million patients were compromised.

In a Facebook post, PM Lee noted that those behind the cyber attacks "specifically and repeatedly" targeted his medication data.

"I don't know what the attackers were hoping to find. Perhaps they were hunting for some dark state secret, or at least something to embarrass me," he wrote. "If so, they would have been disappointed. My medication data is not something I would ordinarily tell people about, but there is nothing alarming in it."

PM Lee said SingHealth had asked him whether to computerise his personal records when digitising its medical records, or to keep them in hard copy for security reasons.

The Prime Minister said he asked to be included, as going digital would enable his doctors to treat him more effectively and in a timely manner.

"I was confident that SingHealth would do their best to protect my patient information, just as it did for all their other patients in the database," he said.

But PM Lee added that he also knew the database would be attacked, and that there was a risk it might be compromised one day. Unfortunately, that has now happened, he said.

He stressed that the security and confidentiality of patient information is a top priority, and said he has ordered the Cyber Security Agency of Singapore and the Smart Nation and Digital Government Group to work with the Ministry of Health to tighten cyber defences and processes across the board.

A high-level Committee of Inquiry will be convened to get to the bottom of the matter. It will be chaired by retired judge and Public Transport Council chairman Richard Magnus.

"This will be a ceaseless effort," PM Lee said. "Those trying to break into our data systems are extremely skilled and determined. They have huge resources, and never give up trying."

He noted that government systems come under attack thousands of times a day, and the goal must be to prevent every attack from succeeding.

"If we discover a breach, we must promptly put it right, improve our systems and inform the people affected," PM Lee said.

"This is what we are doing in this case. We cannot go back to paper records and files. We have to go forward, to build a secure and smart nation."

 
A version of this article appeared in the print edition of The Straits Times on July 21, 2018, with the headline 'Nothing alarming in my data, says PM Lee'. Print Edition | Subscribe