Last updated: 23 July 2018
A government healthcare group database in Singapore suffered a data breach that compromised the personal information of 1.5 million people.
On 4 July 2018, investigators with Integrated Health Information System (IHiS) detected strange activity on one of the IT databases owned by SingHealth, Singapore’s largest group of healthcare institutions. The administrators responded by implementing additional security features and launching an investigation into the anomalies. Six days later, IHiS confirmed that SingHealth had suffered a data breach and that criminals had stolen some of its data between 27 June 2018 and 4 July 2018. This discovery led the healthcare group to file a police report.
According to a statement published on the website for Singapore’s Ministry of Health, the incident affected 1.5 million patients who visited SingHealth between 1 May 2015 and 4 July 2018. That’s more than a quarter of the population of the island city-state. Evidence shows that those responsible for the attack, individuals whom the Cyber Security Agency of Singapore (CSA) described as neither “casual hackers or criminal gangs,” accessed victims’ personal information including their names, addresses, gender and dates of birth. Among those victimized was Prime Minister Lee Hsien Loong, who had his personal details and medicine records “specifically and repeatedly targeted.”
SingHealth isn’t the only healthcare industry to suffer a data breach in recent memory. As Gemalto found in its 2017 Breach Level Index Report, more than a quarter (27 percent) of all data breaches that occurred in the 2017 affected healthcare organizations. Healthcare suffered more breaches than any other industry, with its proportion of incidents twice as much as financial services (12%), retail (11%), education (11%) and government (11%).
Digital attackers have their sights set on entities like SingHealth because of healthcare information’s high value. On the one hand, data thieves can easily monetize this data on the dark web. On the other hand, they can keep it and use it to build victim profiles for future attacks. As is the case with the Internet of Things, major security flaws can pose serious threats to the health and safety of patients. For example, criminals can remotely manipulate devices, including those that controlled dosage levels for drug infusion pumps and connected defibrillators.
Acknowledging these threats, it’s essential that all organizations, especially healthcare organizations, take steps to protect the sensitive information of customers and patients. They can do so by controlling user access to data, encrypting all sensitive data and securing keys used to encrypt the data. This three step approach helps ensure data is protected when perimeter security measures are compromised and intruders are inside the network or get access to data stored in the cloud. It is an approach we call Secure the Breach.
Here are seven steps healthcare organizations can take to secure their applications, data and infrastructure:
- Comply with applicable regulations and standards
- Protect the integrity of your medical applications
- Optimize workflows, allow doctors to receive real-time patient updates anywhere, and improve doctor/patient care with a secure IoT infrastructure
- Secure patient records and information, claim activity, and other medical transactions with encryption
- Identify and control the employees, customers, suppliers, patients, and partners accessing your applications and system with robust access management and authentication
- Eliminate the need for investing in disparate systems from different vendors
- Secure the exchange of records and information, claim activity, and other transactions amongst healthcare providers and insurers by encrypting network traffic