Over 73,000 patients' data at eye clinic in Singapore hit by ransomware attack

·Editorial Team
·2-min read
(PHOTO: Getty Images)
(PHOTO: Getty Images)

SINGAPORE — A private eye clinic's IT database containing the personal data and clinical information of over 73,000 patients was hit by a ransomware attack earlier in August. 

The Ministry of Health (MOH), who was informed of the 6 August attack last week, said on Wednesday (25 August) that the compromised IT systems at Eye & Retina Surgeons (ERS) are not connected to the MOH’s IT systems, such as the National Electronic Health Record.

There have been no similar cyberattacks on the MOH’s IT systems, it added. Ransomware is a form of malware that encrypts the attacked files and payment is demanded for the restoration of access to the data.

The MOH noted that the clinic made a police report on 13 August, adding that the incident was also reported to the Personal Data Protection Commission and Singapore Computer Emergency Response Team for further investigations. 

"Upon notification, the MOH had requested ERS to investigate the incident, carry out a thorough review of its systems and work with the Cyber Security Agency to take immediate mitigating actions to strengthen its cyber defence," said the ministry.

"The government takes a serious view of any cyberattack, illegal access of data or action that compromises the integrity, confidentiality and availability of data and IT systems in Singapore."

According to the Private Hospitals and Medical Clinics Regulations, licensees have to implement adequate safeguards to protect medical records against unauthorised access and ensure that such safeguards are effective. 

The MOH noted that it had issued a set of Healthcare Cybersecurity Essentials guidelines in August to remind all licensees to establish and constantly review their security safeguards, implement new measures as necessary and adopt best practices to secure their IT systems. 

"Following this incident, the MOH will be reminding all its licensed healthcare institutions to remain vigilant, strengthen their cybersecurity posture, and ensure the security and integrity of their IT assets, systems, and patient data," said the ministry.

"It is only through the disciplined maintenance of a safe and secure data and IT system that healthcare professionals will be able to deliver accurate and appropriate care, and uphold patient safety."

Stay in the know on-the-go: Join Yahoo Singapore's Telegram channel at http://t.me/YahooSingapore

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting