Skip Ribbon Commands
Skip to main content
Menu

Data Security Check

Frequently Asked Questions

A) INCIDENT RELATED

SingHealth’s IT system containing patient personal particulars and information on outpatient dispensed medicines has been the target of a major cyberattack. Forensic investigations have confirmed that this was a deliberate, targeted and well-planned cyberattack, and not the work of casual hackers or criminal gangs.

We have lodged a Police report on the incident, and the matter is currently under Police investigation.

We apologise for the anxiety caused. Please rest assured that additional cybersecurity measures have been implemented to safeguard patients' data.

SingHealth was alerted by our IT partner IHIS who runs the IT systems for the public healthcare institutions. They detected that there was unusual activities on one of our IT databases. They took immediate action to halt the activities and investigated the incident to ascertain the nature of these activities. They also put in place additional precautionary cybersecurity measures immediately. There was no further illegal data access thereafter. We have lodged a police report and a police investigation is ongoing.

The information illegally accessed and copied were:

  1. Patient’s name, NRIC number, address, gender, race and date of birth
  2. Information on outpatient dispensed medicines from 1 May 2015 to 4 July 2018

We would like to assure you that no phone number or other patient medical records such as diagnosis, test results or doctors’ notes or financial information were breached. There is no impact to care as all medical records were not affected and not altered.

All records in SingHealth's IT system remain intact - there were no modifications or deletions to patient records. Your medical care will not be affected and there is no disruption to our services.

The following SingHealth institutions were impacted:

  • Singapore General Hospital
  • Changi General Hospital
  • Sengkang General Hospital
  • KK Women’s and Children’s Hospital
  • National Cancer Centre Singapore
  • National Heart Centre Singapore
  • Singapore National Eye Centre
  • Bright Vision Hospital
  • SingHealth Polyclinics (Bedok, Bukit Merah, Marine Parade, Outram, Pasir Ris, Punggol, Sengkang and Tampines)
  • NHGP Geylang and NUP Queenstown which were part of SHP before re-clustering in 2018

Please contact us at check@singhealth.com.sg or call our dedicated enquiry line: 6326-5555 (9am to 9pm).

B) SECURITY & PRECAUTIONS

We are sorry that this deliberate, targeted and well-planned cyberattack had happened despite the safeguards we have put in place. We apologise unreservedly for causing our patients anxiety.

We take a serious view of this incident. We took immediate actions to stop the breach, and have put in place additional cybersecurity measures to enhance the security of our IT systems.

The information on basic personal particulars, such as those that have been illegally accessed and copied are not sufficient to complete any financial or key Government e-transactions as these would require physical verification or two-factor authentication (2FA) online verifications. However, you are advised to heighten online vigilance and secure your online credentials with strong passwords.

We would like to assure that no contact numbers were illegally access in this cyberattack. If you suspect that you may be a victim of a scam, you may wish to report your experience to the Police anti-scam helpline 1800-7226688.

  • Secure your online credentials by using strong passwords, and change your passwords regularly
  • Activate your 2-Factor Authentication (2FA) for key government e-transactions and banking transactions, if you have not done so
  • Watch out for signs of phishing

We would be happy to address your concerns, please contact us at check@singhealth.com.sg or call our dedicated enquiry line: 6326-5555 (9am to 9pm)

C) HOW SINGHEALTH NOTIFIES OUR PATIENTS

You will receive one of these SMSes depending on how you are affected by the cyberattack:

Case 1: You are not affected by the cyberattack



Case 2: Your non-medical personal particulars were accessed but not altered.


Case 3: Your non-medical personal particulars and outpatient dispensed medicines were accessed but not altered.


Please note that SingHealth is notifying patients by SMS or letter only. We will NOT call you unless you have called us asking for a call back.