SingHealth data breach: Missteps and lax security

SingHealth's network was breached as early as August last year.
SingHealth's network was breached as early as August last year.ST PHOTO: SYAZA NISRINA

A series of missteps and multiple security inadequacies were among the reasons why the personal data of 1.5 million people was stolen following a massive cyber attack on SingHealth.

The healthcare group's network was breached as early as August last year.

These details and other information about how the attacker was able to access the electronic medical records database and dormant accounts were revealed by Solicitor-General Kwek Mean Luck yesterday, the first day of a public hearing on the attack. The attack saw data being transferred from June 27 to July 4. It was stopped after it was detected on July 4.

SEE TOP OF THE NEWS

A version of this article appeared in the print edition of The Straits Times on September 22, 2018, with the headline 'SingHealth data breach: Missteps and lax security'. Print Edition | Subscribe