SingHealth warns of fake SMSes capitalising on news of recent cyberattack
SINGAPORE – SingHealth has warned of the emergence of fake SMSes tricking people into thinking that their phone number, financial information, and medical records had been compromised, hours after news first emerged on Friday (July 20) that the healthcare group had suffered an unprecedented cyberattack.
SINGAPORE – SingHealth has warned of the emergence of fake SMSes tricking people into thinking that their phone number, financial information, and medical records had been compromised, hours after news first emerged on Friday (July 20) that the healthcare group had suffered an unprecedented cyberattack.
In a Facebook post around 10pm, SingHealth reiterated that no such information was stolen during the breach from June 27 to July 4, adding: "We have been made aware that some people have received the fake text (SMS) message below. Please note that this is not from SingHealth.
"Please be assured that no phone number, financial information, or other patient medical records have been illegally accessed."
Hackers broke into SingHealth's IT systems last month to steal the data of 1.5 million patients and records of the outpatient medication given to Prime Minister Lee Hsien Loong, the authorities said on Friday (July 20).
The hackers - whom the authorities did not name and whose intentions were not spelled out - took data such as the name, NRIC number, address, gender, race, and date of birth of patients who visited SingHealth's specialist outpatient clinics and polyclinics from May 1 2015 to July 4 this year.
The records of the medicines given to 160,000 people – the Prime Minister among them - who had received outpatient treatment at SingHealth's outlets were also stolen.
The SingHealth institutions affected by the cyberattack include:
• Singapore General Hospital
• Changi General Hospital
• Sengkang General Hospital
• KK Women's and Children's Hospital
• National Cancer Centre Singapore
• National Heart Centre Singapore
• Singapore National Eye Centre
• Bright Vision Hospital
• SingHealth Polyclinics (Bedok, Bukit Merah, Marine Parade, Outram, Pasir Ris, Punggol, Sengkang and Tampines)
• Geylang Polyclinic and Queenstown Polyclinic, which used to be part of SingHealth. They are now under the National Healthcare Group and the National University Health System respectively.
Earlier on Friday, SingHealth had published a Facebook post showing a sample image of the official SMS that they would be sending to affected patients.
Those who did not register their mobile phone numbers with the group would be informed by mail, SingHealth added.
According to the sample SMS, affected patients would be informed that their name, identity number, address, gender, race and birthdate were "accessed but not altered".
The message would assure affected patients that their mobile number, medical and financial information are unaffected, and that they need not take further action.
SingHealth patients who did not receive an SMS but are keen to check if their data was illegally accessed can do so via the group's website or the HealthBuddy mobile application.
Despite the data breach, SingHealth has assured the public that there is "no impact to care as all medical records were not affected and not altered".
Sign up for TODAY's WhatsApp service. Click here: