Personal health data of 1.5 million citizens was stolen from SingHealth, the largest healthcare provider in Singapore. This breach leaked information like names, addresses, IC numbers, and prescription information. Singapore’s Ministry of Health will be notifying those affected in the upcoming days.
Data was compromised from anyone who visited a SingHealth outpatient or polyclinic between 1 May 2015 to 4 July 2018. Hackers had access for a full eight days before the breach was flagged.
Compared to benign breaches in other industries, healthcare breaches are generally due to criminal attack. This is because the medical industry was one of the last to digitize information and so they are less savvy about cybersecurity.
This stolen information can be sold on the black market to commit health fraud. Singapore did a good job in capping the breach, by securing its network, notifying law enforcement and publicizing the breach quickly. Countries with national healthcare must recognize how fragile the security of their medical systems are.
In good measure, earlier this year HealthCareCAN organized a summit to enhance cybersecurity. In the meantime here’s how you can remain proactive against data breaches.
How can you recover?
- Verify your accounts, track the scope of how a breach would affect you. Watch out for the flood of phishing scams that follow these breaches.
- Change the passwords on all your accounts. Use a password manager like Dashlane as a protective measure. It generates complex passwords, eliminates the stress of remembering them, and you can try it for free here!
- Make sure your computer is clean from malware by running a FixMeStick scan. FixMeStick can detect those threats that get past your antivirus. Buy one here.
Sign up for the FixMeStick newsletter here for the latest threat intelligence.