In a press release yesterday, Singapore’s ministry of defence (MINDEF) and Singapore Armed Forces (SAF) personnel reported that the data containing sensitive details of their army personnel have been compromised with respect to their data vendors of HMI Institute and ST Logistics.
The island nation is one of the few richest ones in Asia. Though little, Singapore is a developed economy which is fuelled by technology, tourism and banking. With such advancement, hackers have plenty of chances to bank on this nation. The recent attack is done two institutions to which the government has contracted for their defence personnel’s activities.
Institutions and Numbers
Health Sciences Pte Ltd (HMI Institute) and ST Logistics Pte Ltd (ST Logistics) are the two institutions that were reportedly hacked. While the former one is tasked to conduct cardiopulmonary resuscitation and automated external defibrillator training for their MINDEF/SAF crew, the latter one is contracted for serving the logistics as eMart retail equipping services.
The HMI Institution hack was set to be compromising the data of 120,000 of its customers. Out of this, about 98,000 is of MINDEF/SAF personnel! The data set consisted of full names, NRIC (national registration identify card) numbers, contact numbers, email addresses, birth dates and residential addresses.
On the other hand, ST logistics hack had comprised the data of 2,400 defence personnel, which has more or less the same details as HMI Institutions. While the numbers are of this high, preliminary investigations suggest the impact could be less than estimated. Though the hack was said to happen earlier, MINDEF/SAF affected personnel were being notified on 21 December 2019.
Defence Cyber Chief Brigadier-General Mark Tan said, “The malware incidents affected the IT systems of our vendors. Although MINDEF/SAF’s systems and operations were not affected, the malware incidents in these vendor companies may have compromised the confidentiality of our personnel’s personal data. We will review the cybersecurity standards of our vendors to ensure that they are able to protect our personnel’s personal data and information.”
Source: Ministry of Defense, Singapore