SingHealth, the largest healthcare group in Singapore was targeted in a cyber attack that resulted in the breach of about 1.5 million patients confidential information. The attack occurred from June 27th 2018 through July 4th 2018, and affected the records of the patients who used SingHealth’s services from May 1st 2015 through July 4th 2018, a period of over 3 years. Some of the information exfiltrated included namem, address, gender, date of birth, race, and the National Registration Identity Card (NRIC) number. The NRIC is a unique 9-character alphanumeric code issued to by the Singaporean government to its citizens.
The motive behind this attack appears to be monetary, as the personal records can be monetized through the extortion or sale on the underground web. In addition, Singapore’s Ministry of Health (MOH) has indicated that the information of SIngapore’s Prime Minister Lee Hslen Loong was specifically targeted. It is unclear at this point, whether the atack was state sponsored or not; however, MOH has stated that the TTP’s involved in the attack point to a sophisticated threat actor.