Cyberattack on SingHealth: Govt to convene COI

SINGAPORE — The Government will convene a Committee of Inquiry (COI) to investigate the cybersecurity attack on SingHealth’s IT system, even as it found “no evidence of compromise” on other Government IT systems.

Mr Richard Magnus, a member of the Public Service Commission, will chair the COI, said the Ministry of Communications and Information (MCI) on Friday (July 20).

The COI will “establish the events and contributory factors leading to the cybersecurity attack, and the incident response,” said MCI, with more details to be announced at a later date.

It will also recommend measures to manage and secure SingHealth — and other public sector IT systems — against similar cyberattacks in future.

Friday’s announcement comes amid news of a “deliberate, targeted and carefully planned” cyberattack on SingHealth’s IT systems.

About 1.5 million patients’ non-medical personal data, as well as 160,000 patients’ dispensed medicines data had been compromised in the attack, which the authorities have called the most “serious breach of personal data that Singapore has ever experienced”.

Prime Minister Lee Hsien Loong’s personal particulars and outpatient medication data were also targeted — repeatedly and specifically — by the attackers.

The MCI added on Friday that a scan of all government systems “found no evidence of compromise”.

“The Smart National and Digital Government Group will pause the introduction of new information and communications technology systems while it reviews the cybersecurity measures of government systems,” MCI said.

Minister-in-charge of Cybersecurity S Iswaran has also instructed the Cyber Security Agency to work closely with key sectors such as energy, healthcare, banking and finance, and transport, to beef up cybersecurity of their critical information infrastructure systems.

Sign up for TODAY's WhatsApp service. Click here:

Sign Up