Personal data stolen from Singapore Ministry of Defence servicemen and staff
Tue 28 Feb 2017
Singapore’s Ministry of Defence (MINDEF) has confirmed that its internet access system has been hacked, with personal data of 850 servicemen and employees stolen.
The server breach, which took place earlier this month, led to the theft of staff data including NRIC numbers, telephone numbers, and dates of birth. However, no classified military information was compromised in the attack.
According to MINDEF Deputy Secretary for Technology David Koh, the attack was not the work of ‘casual hackers or criminal gangs’, but was rather a targeted and carefully coordinated campaign.
The ministry added that it suspected the true aim of the hack was to gain access to official military secrets, but those plans would have been foiled due to the physical separation of the breached system from MINDEF’s other internal systems.
MINDEF did not provide details on where the campaign had originated from and did not speculate on who the perpetrators may be. It said that it was continuing to investigate the attack and all Mindef computer systems to determine the extent of the breach.
The hacked system, I-net, provides online connection to servicemen and employees within MINDEF and Singapore Armed Forces camps and bases. The department said that the majority of those affected by the attack were regular servicemen. It added that these users did not belong to one specific camp.
MINDEF said that it would contact all affected personnel within the week to inform them of the incident and advise that they change passwords for any account if they include any of the stolen details.
‘MINDEF apologises for this breach and any inconvenience or harm caused to all affected servicemen,’ the agency said in a statement.
The ministry also noted that it has informed the Cyber Security Agency and the Government Technology Agency of Singapore, advising that they conduct forensic investigations into other national systems.