For more than a year, the necessary security updates were not made to a computer server, which was among many systems exploited by hackers who accessed SingHealth's critical system in Singapore's worst data breach in June.
Servers are typically patched several times a month. But this one slipped through the cracks and went unnoticed by the technology vendor, Integrated Health Information Systems, the Committee of Inquiry probing the breach heard yesterday.