Hackers stole the personal data of 1.5 million people in Singapore by breaking into a government health database, officials said Friday.
The data, taken between June 27 and July 4, included names and addresses of those who had visited health clinics since May 2015, but not full medical records. However, details about medications were stolen from about 160,000 people, according to a government statement.
“The records were not tampered with, ie no records were amended or deleted. No other patient records, such as diagnosis, test results or doctors’ notes, were breached,” Singapore’s Ministry of Health said in the statement. “We have not found evidence of a similar breach in the other public healthcare IT systems.”
It was a “deliberate, targeted and well-planned cyberattack. It was not the work of casual hackers or criminal gangs,” the government said.
The hackers “specifically and repeatedly targeted” data belonging to Singapore’s prime minister, Lee Hsien Loong, whom the BBC notes has survived two battles with cancer.
In 2016, Singapore took measures to avoid attacks like this byon government computers. However, the impacted computers at the Ministry of Health still had access.
Starting Friday, the government will contact all patients who visited the clinics from May 1, 2015, to July 4, 2018, to inform them of the breach.