IOTW CASE STUDY

One of the biggest and most successful ransomware attacks in recent months took place in the small, wealthy country of Singapore. The attacker stole the medical records of 73,000 patients at a specialized eye clinic for ophthalmologists and retinal surgeons. The breach involved personal medical records, including serious illnesses and treatments.

Health data is a valuable commodity on the dark web. The #data included patient names, addresses, ID card numbers, contact details, and clinical information. 

Medical Data Breach In Singapore 

An “illegal and sophisticated ransomware cyberattack” was carried out on Aug 6, 2021, by an unknown party, the clinic admitted.

It affected the servers and multiple computer terminals of the Camden Medical branch of the clinic. IT systems in the outpatient clinic branch of the Mount Elizabeth Novenas Specialist Center remained unaffected.

The clinic said they were not aware of any sensitive data being released to the public and will continue to monitor the situation closely.

The incident was reported to the police, the Personal Data Protection Board, and the Singapore Computer Emergency Response Team (SingCERT). An ophthalmic and retinal surgeon said its IT team is working closely with Singapore’s Cyber #security Authority (CSA) and Ministry of Health (MOH) to investigate the root cause of the incident. The clinic also claimed that they are working with cybersecurity experts and authorities to identify potential areas where IT systems could be made even more secure. After this incident, there was a major need for them to assure patients that they take patient confidentiality very seriously,” the clinic said.

A strict notice from the Singapore Ministry of Health (MOH) was notified by ophthalmologists and retinal surgeons one week after the August 6 attacks. In the August 2021 National Data Breach Regulations 2021 Notice Update, all organizations that experience a breach that “causes serious harm to an individual” or has a “substantial degree” are required to contact the Commission to report protection. 

After the investigations were carried out It was brought to notice that The attack was carried out by an undisclosed ransomware group for an undisclosed sum of money, targeting the clinic’s servers and management systems. Upon becoming aware of the information breach, the clinic reportedly acted immediately toward its closure, notifying the police, the commission, and Singapore’s Cyber Security Agency.

This was one of the largest breaches in the history of the Asian nation, and the largest breach also occurred in the healthcare sector, with unknown national officials citing the country’s largest healthcare group, SingHealth. 

What does Investigation Say :

In a separate statement, the Ministry of Health said it was notified of a ransomware attack that affected Eye & Retina Surgeons’ clinic servers and clinic management system on August 16. The clinic admitted that they filed a police report on Aug 13.

“IT systems at the infected clinic were not connected to MOH’s IT systems, such as the National Electronic Medical Record, and there were no similar cyberattacks against MOH’s IT systems,” the ministry said. 

The clinic was asked to investigate, thoroughly, review its systems and work with the CSA to take immediate steps to strengthen its cyber defenses, they added.

“The government claimed cyber-attacks, illegal access to data or acts that compromise the integrity, confidentiality, and availability of Singapore’s data and the IT systems very seriously,” the ministry said. 

Conclusion 

(Good Healthcare should equally involve Good cybersecurity )

The Ministry of Health’s admonishment states: “It is only through the disciplined maintenance of a safe and secure data and IT system that healthcare professionals will be able to deliver the accurate and appropriate care and uphold patient safety. They also claimed that Singapore’s Hospitals and Medical Clinics Regulations, and licensed health premises have an even more stringent obligation for their customers, and also have to implement various methods to safeguard medical records against unauthorized access and ensure that such safeguards are effective”.

It is so important for the Ministry to issue a set of Healthcare #cybersecurity Essentials guidelines in August 2021 to remind all licensees to establish and constantly review their security safeguards, implement new measures as necessary and adopt best practices to secure their IT systems.

The Ministry’s statement concluded: “Following this incident, MOH will be reminding all its licensed healthcare institutions to remain vigilant, strengthen their cybersecurity posture, and ensure the security and integrity of their IT assets, systems, and patient data”.