MOM site duplicated, Art Museum site breached

SINGAPORE — The website of the Singapore Art Museum has been breached for the second time in two weeks, the museum said yesterday.

According to a statement issued last night, unauthorised links were added to a specific page of the website. “The links were immediately removed and a police report has been lodged. No data was compromised,” the SAM said.

The museum had been informed on Thursday by the Infocomm Development Authority that its website appeared on a list of 1,500 vulnerable sites that was posted in the public domain.

Last week, data from its website was published illegally on an overseas site, revealing personal information of more than 4,000 individuals. Yesterday, the SAM said it has since taken action to protect its website and has removed data files from the site.

Separately, the Ministry of Manpower (MOM) said yesterday its website had been duplicated — on www.momgov.sg — and that it has lodged a police report.

The ministry found out about the duplicate site on Thursday and said its internal checks ascertained that the site was created by an external entity. It is unclear if the duplicate site contains the exact information on the official one or if false information was uploaded.

When asked if efforts will be made to take down the site, the ministry said it could not comment as police investigations are ongoing.

The MOM said the public should only access its official website at www.mom.gov.sg. “We would also like to assure everyone that no data has been compromised and that there are measures to protect the MOM website,” it added.

The security of government websites has come under the spotlight recently after threats were allegedly made by the so-called Anonymous, a hacking collective, last month.

This was followed by a string of incidents that included the defacement of 13 school websites and the hacking of those belonging to the Istana and Prime Minister’s Office.

Two men were yesterday charged in court with the alleged Istana hacking. Earlier this month, James Raj Arokiasamy, who is alleged to have hacked into several websites — including that of the Ang Mo Kio Town Council — under the moniker The Messiah, was charged with carrying out “unauthorised modifications” to websites.