State-Backed Hackers Sought and Stole Singapore Leader’s Medical Data

SINGAPORE—State-sponsored hackers were likely behind a cyberattack that netted the personal details of 1.5 million people in Singapore, including the medical records of their primary target Prime Minister Lee Hsien Loong, an inquiry found.

The government-commissioned investigation concluded the attack, uncovered last year, “had a clear goal in mind, namely the personal and outpatient medication data of the prime minister in the main, and that of other patients.”

A report released Thursday said the attacker was “skilled and sophisticated” and in a class usually associated with a foreign government. The report didn’t name a suspect. Officials have previously said they would not name a suspect for “national security reasons.”

Cybersecurity experts say many countries have offensive cyberattack capabilities, but most advanced attacks in recent years have come from a handful of nations, particularly China, Iran, North Korea and Russia.

Mr. Lee, 66, who was diagnosed with lymphoma in 1992 and in 2015 had surgery for prostate cancer, has said he wants to pass power over Singapore, a financial hub and important Western ally, to a successor before his 70th birthday. He is expected to call a general election as soon as this year.

Last year, he said that hackers looking for “some dark state secret” in his records would have been disappointed.

The Singapore hack obtained personal details of a quarter of the city-state’s population—an unprecedented breach of government databases in one of Asia’s richest nations.

The SingHealth system administrator didn’t address existing vulnerabilities before the attack and failed to respond effectively once it occurred, the inquiry found. Staff were poorly trained and lacked awareness.

The hackers had access for more than 10 months from August 2017, the inquiry found. They covered their tracks by erasing files and avoiding moves that could have led to detection, the report said. The hackers even re-entered the network after being detected to erase further logs.

“The truth is, breaches like this are very common but they’re rarely discovered, let alone reported,” said Vivek Chudgar, senior director for consulting at cybersecurity firm


Hackers can sell health information to other criminals or use it for intelligence purposes. In 2015, U.S. health insurer Anthem Inc. said the personal information of nearly 80 million people had been stolen. In 2017, a major attack scrambled computer systems in dozens of countries, including the England’s National Health Service.

Write to Jake Maxwell Watts at and P.R. Venkat at

Source link