A database for SingHealth, Singapore's public health system, has been compromised in what the country's Health Ministry and Ministry of Communications and Information called a "deliberate, targeted and well-planned cyberattack."
Nearly 1.5 million patients seen at SingHealth's specialist outpatient clinics and polyclinics from May 1, 2015 to July 4, 2018 were affected. The attackers repeatedly targeted Prime Minister Lee Hsien Loong's personal information and data on his outpatient dispensed medications.
Among the stolen data are patients' names, national registration numbers, addresses, genders, races and dates of birth. About 160,000 patients also had information on outpatient dispensed medicines taken. No health records had been changed or deleted.
"Investigations by the Cyber Security Agency of Singapore and the Integrated Health Information System confirmed that this was a deliberate, targeted and well-planned cyberattack," reads an official Singapore government statement. "It was not the work of casual hackers or criminal gangs."
SingHealth is notifying all affected patients via text message. Patients can also access the health system's mobile app, Health Buddy, or visit the SingHealth website.