Skip to main content

Advertisement

Advertisement

1,560 SingPass accounts may have been accessed without authorisation

SINGAPORE — Over 1,500 SingPass users may have had their IDs and passwords accessed without their permission. The Infocomm Development Authority of Singapore (IDA) was notified on Monday (June 2) by the SingPass operator that a number of users had received a SingPass password reset notification letter, even though they did not request for a password change.

Screenshot of the SingPass reset website.

Screenshot of the SingPass reset website.

SINGAPORE — Over 1,500 SingPass users may have had their IDs and passwords accessed without their permission. The Infocomm Development Authority of Singapore (IDA) was notified on Monday (June 2) by the SingPass operator that a number of users had received a SingPass password reset notification letter, even though they did not request for a password change.

IDA’s preliminary investigations show that 1,560 users’ IDs and passwords were potentially accessed, of which 419 passwords were reset. Password reset notification letters were sent to the registered address of SingPass account holders.

The IDA filed a police report yesterday (June 3), but the authority’s checks so far show there is no evidence to suggest the SingPass system has been compromised. Passwords of all affected users have been reset, and the IDA is in the process of notifying them.

Said Ms Jacqueline Poh, the Managing Director for the Infocomm Development Authority of Singapore: “For every individual, the incident underlines the importance of taking personal responsibility for cyber security.”

“The Government strongly urges all SingPass users to take the necessary precautions to enhance their cyber security. They should ensure that they use strong passwords to access not only SingPass but all the other e-services they subscribe to. Strong passwords contain a combination of numerical figures, capital letters, and are at least eight characters long. Users should also install anti-virus software and update all their software regularly.”

The SingPass is a single-factor authentification system for all government e-services. It has 3.3 million users, and covers more than 340 e-services for 64 government agencies. These include services for the Central Provident Fund (CPF) Board, the Inland Revenue Authority of Singapore (IRAS) and the eCitizen online portal. For Singapore citizens and Permanent Residents, the SingPass ID is commonly their identity card (NRIC) numbers. Employment Pass Holders are eligible for the SingPass as well. There were 57 million SingPass transactions in 2013. CHANNEL NEWSASIA

Read more of the latest in

Advertisement

Advertisement

Stay in the know. Anytime. Anywhere.

Subscribe to our newsletter for the top features, insights and must reads delivered straight to your inbox.

By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.