EXECUTIVE SUMMARY:

Singapore Prime Minister Lee Hsien Loong and 1.5M other citizens have had their personal health data records stolen, reports The Wall Street Journal. This is the largest personal data breach in Singapore’s history – leaps and bounds above the 2016 Uber Inc. data breach that affected 380,000 Singaporean users.

The Prime Minister was the primary target of the attack. “I don’t know what the attackers were hoping to find. Perhaps they were hunting for some dark state secret, or at least something to embarrass me,” he wrote on Facebook. “My medication data is not something I would ordinarily tell people about, but there is nothing alarming in it.”

The theft, which occurred between June 27th and July 4th, was carried out by hackers infiltrating into the SingHealth centralized data portal. The cyberattackers stole patients’ names, prescription records, National Registration Identity Card numbers, addresses, gender, race and dates of birth. Medical records and clinical notes were not affected.

According to The Verge, local media reports that the cyberattack is believed to be state-sponsored. A Singapore government briefing stated that “This was a deliberate, targeted and well-planned cyberattack. It was not the work of casual hackers or criminal gangs.” The Cyber Security Agency of Singapore is declining to say which country they believe was involved in the attack.

City governments have begun centralizing data in order to provide smoother services. As this incident illustrates, centralized data becomes vulnerable when the proper security solutions are not in place.

Get the full story at The Wall Street Journal.