The most serious breach of personal data in Singapore's history took place last month, which also affected Prime Minister Lee Hsien Loong's, according to the Ministry of Health and Ministry of Communications and Information.
The attackers were specifically and repeatedly targeting Lee's personal particulars and information on his outpatient dispensed medicines, they said in a release.
They reportedly said that 1.5 million SingHealth patients' records were accessed and copied while 160,000 had their outpatient dispensed medicine records taken too.
The personal data taken from the 1.5 million patients included their names, NRIC numbers, address, gender, race and date of birth, according to the release which also said that the hackers did not amend or delete the records.
Patients' medical records, including past diagnoses, doctors' notes and health scans, were not affected.
I am personally affected, and not just incidentally. The attackers targeted my own medication data, specifically and repeatedly, Lee wrote on his Facebook account in his immediate response to the news.
I don't know what the attackers were hoping to find. Perhaps they were hunting for some dark state secret, or at least something to embarrass me. If so, they would have been disappointed. My medication data is not something I would ordinarily tell people about, but there is nothing alarming in it, he wrote.
Lee said that when SingHealth digitised its medical records, it asked him whether to computerise his own personal records too, or to keep his in hardcopy for security reasons.
"I asked to be included. Going digital would enable my doctors to treat me more effectively and in a timely manner. I was confident that SingHealth would do its best to protect my patient information, just as it did for all its other patients in the database.
Of course, I also knew that the database would be attacked, and there was a risk that one day despite our best efforts it might be compromised. Unfortunately, that has now happened, he said.
The Prime Minister said the security and confidentiality of patient information is a top priority.
Lee had ordered the Cyber Security Agency of Singapore (CSA) and the Smart Nation and Digital Government Group (SNDGG) to work together with the Ministry of Health, Singapore, to tighten up their defences and processes across the board.
We are convening a Committee of Inquiry to look thoroughly into this incident. It will doubtless have valuable conclusions and recommendations, which will help us do better, he said.
Lee noted that this will be a ceaseless effort.
Those trying to break into our data systems are extremely skilled and determined. They have huge resources, and never give up trying.
Government systems come under attack thousands of times a day. Our goal has to be to prevent every single one of these attacks from succeeding. If we discover a breach, we must promptly put it right, improve our systems, and inform the people affected.
This is what we are doing in this case. We cannot go back to paper records and files. We have to go forward, to build a secure and smart nation, he wrote and ended it with his initials, LHL.
Source: NAM NEWS NETWORK