Poor ‘[email protected]’ hygiene and unpatched systems led to Singapore’s biggest ever cybersecurity breach
An investigation into the July data breach incident at Singapore’s largest healthcare provider has revealed that local administrators made several critical mistakes that led to the breach, including the use of weak passwords and unpatched software. According to the initial press release announcing the breach, “It was not the work of casual hackers or criminal gangs. The stolen data included name, NRIC (National Registration Identity Card) number, address, gender, race and date of birth. Investigators said the records were not tampered with or deleted. However, experts warned that the data could end up on the dark web, where criminals could offer to buy it to conduct extortion attempts. A team set up to probe the breach – which compromised 1.5 million patient records, including the Singapore Prime Minister’s – has now revealed how hackers were able to infiltrate the SingHealth network and perform their actions. Investigators noted that the breach resembled an advanced persistent thre..