SingHealth cyber attack: PM Lee says nothing alarming in his data that was stolen, no 'dark state secret'

Prime Minister Lee Hsien Loong was among the 160,000 patients who had their outpatient prescription data stolen from SingHealth's database.
Prime Minister Lee Hsien Loong was among the 160,000 patients who had their outpatient prescription data stolen from SingHealth's database.PHOTO: ST FILE
A​bout 1.5 million patients, including Prime Minister Lee Hsien Loong​ ​and a ​few ministers, ​have had their personal data stolen. Some 160,000 people also had their outpatient prescriptions stolen.​

SINGAPORE - Prime Minister Lee Hsien Loong on Friday (July 20) gave the assurance that there is nothing alarming in his outpatient medication data that was stolen by cyber attackers.

He was among the 160,000 patients who had their outpatient prescription data stolen from SingHealth's database in Singapore's worst cyber attack. In all, the personal particulars of 1.5 million patients were compromised.

In a Facebook post, Mr Lee noted that the attackers targeted his medication data "specifically and repeatedly".

"I don't know what the attackers were hoping to find. Perhaps they were hunting for some dark state secret, or at least something to embarrass me," he wrote.

"If so, they would have been disappointed. My medication data is not something I would ordinarily tell people about, but there is nothing alarming in it."

Mr Lee said SingHealth had asked him whether to computerise his personal records when digitising its medical records, or to keep them in hard copy for security reasons.

The Prime Minister said he asked to be included, as going digital would enable his doctors to treat him more effectively and in a timely manner.

"I was confident that SingHealth would do their best to protect my patient information, just as it did for all their other patients in the database," he said.

But Mr Lee added that he also knew the database would be attacked, and that there was a risk that it might be compromised one day. Unfortunately that has now happened, he said.

 
 

Mr Lee stressed that security and confidentiality of patient information are top priorities.

He said that he has ordered the Cyber Security Agency of Singapore and the Smart Nation and Digital Government Group (SNDGG) to work with the Ministry of Health to tighten cyber defences and processes across the board.

A high-level Committee of Inquiry will also be convened to get to the bottom of the matter. The committee will be chaired by retired district judge Richard Magnus.

"This will be a ceaseless effort," Mr Lee said. "Those trying to break into our data systems are extremely skilled and determined. They have huge resources, and never give up trying."

He noted that government systems come under attack thousands of times a day, and the goal must be to prevent every attack from succeeding.

"If we discover a breach, we must promptly put it right, improve our systems, and inform the people affected," Mr Lee said.

"This is what we are doing in this case. We cannot go back to paper records and files. We have to go forward, to build a secure and smart nation."