Home News 2,400 , personnel possible victims due to malware incidents

2,400 MINDEF, SAF personnel possible data breach victims due to malware incidents

The two vendors affected are HMI Institute of Health Sciences Pte Ltd (HMI Institute) and ST Logistics Pte Ltd (ST Logistics).

Author

Date

Category

- Advertisement -

Singapore—The country’s Ministry of Defence () announced in a news release on Saturday, December 21, that it is aware that two of its vendors have suffered a malware incident which could have caused a leak of the personal data of 2,400 of and MINDEF personnel.

The two vendors affected are HMI Institute of Health Sciences Pte Ltd (HMI Institute) and ST Logistics Pte Ltd (ST Logistics). The , which happened through  e-mail phishing via malicious malware, occurred at ST Logistics, a privately owned company that provides SAF and MINDEF third-party logistics services including equipping services and eMart retail.

HMI Institute, on the other hand, has been holding training in cardiopulmonary resuscitation and automated external defibrillator for MINDEF/SAF personnel from 2016. Both companies are in possession of necessary personal data of MINDEF/SAF personnel.

The impact of the is now being investigated by MINDEF and SAF together with HMI Institute and ST Logistics.

- Advertisement -

HMI Institute’s system affected by the breach involves the personal data of 120,000 personnel, including the full names and NRIC numbers of about 98,000 MINDEF/SAF personnel. Additionally, the full names, NRIC numbers, contact numbers, email addresses, dates of birth and residential addresses of other HMI Institute customers have also been compromised.

The news release added that initial investigations into the malware incidents show that the possibility of “ to external parties is low.”

Under the Personal Data Protection Act (PDPA), it is required for firms to protect the personal data of its clients.

The malware incidents have been reported by HMI Institute and ST Logistics to the Personal Data Protection Commission (PDPC), which is now conducting investigations, as well as the Singapore Computer Emergency Response Team (SingCERT).

The news release also says  that MINDEF and SAF are taking  a serious view on the secure handling of personal data by their vendors, and have contacted other vendors who hold personal data to strengthen their own IT systems.

From December 21 and onward, MINDEF and SAF have been contacting the personnel who have been affected by the data breach.

“The malware incidents affected the IT systems of our vendors. Although MINDEF/SAF’s systems and operations were not affected, the malware incidents in these vendor companies may have compromised the confidentiality of our personnel’s personal data. We will review the standards of our vendors to ensure that they are able to protect our personnel’s personal data and information.” Defence Cyber Chief Brigadier-General Mark Tan said, in response to the malware incidents.

On Facebook, MINDEF announced,

“We are aware of the malware incidents at two of our external vendors, HMI Institute of Health Sciences (HMI Institute) and ST Logistics, involving a compromise of personal data. We are working closely with ST Logistics and HMI Institute to investigate the incidents, and they are reviewing and tightening their IT security measures.

If you are one of the affected individuals, you will be receiving an SMS message from MINDEF. Here’s how you can verify if the SMS you received is legitimate.

For further queries, please contact:
HMI Institute: 6564 6152 or dataprotection_ihs@hmi.com.sg
ST Logistics: enquiry@stlogs.com”

We are aware of the malware incidents at two of our external vendors, HMI Institute of Health Sciences (HMI Institute)…

Posted by Ministry of Defence, Singapore (MINDEF) on Saturday, 21 December 2019

-/TISG

Read related: MINDEF volunteers from various backgrounds a sign of strong trust within society—Ng Eng Hen

MINDEF volunteers from various backgrounds a sign of strong trust within society—Ng Eng Hen

Please follow and like us:
Tweet
Share
- Advertisement -

No year-end bonus for civil servants; lower-wage staff to get one-off S$1,200

The Public Service Division (PSD) announced yesterday (27 Nov) that civil servants will not receive a year-end bonus payment and that lower-wage staff will receive a one-time payment of S$1,200, in view of the economic impact of the COVID-19 pandemic. In a...

Netizens ask why some employers demand to see PSLE results if they are not defined by scores

Responding to Education Minister Lawrence Wong's advise to 12-year-olds that they are not defined by their Primary School Leaving Examination (PSLE) results, some netizens have asked why some prospective employers demand to see job applicants' PSLE scores if what he said...

“A genius cut down by drugs” — K Shanmugam pays tribute to Diego Maradona

Singapore -- Law and Home Affairs Minister K Shanmugam paid tribute to football legend Diego Maradona, who passed away on Wednesday (Nov 25), and called him a "genius cut down by drugs" in a social media post on Thursday (Nov 26).   Maradona...
Please follow and like us:
Tweet
Share
Follow Me
Tweet