
SINGAPORE: The Personal Data Protection Commission (PDPC) has slapped a fine of S$750,000 on IHiS and S$250,000 on SingHealth for breaching their data protection obligations under the Personal Data Protection Act (PDPA), it said in a statement on Tuesday (15 Jan).
"PDPC’s investigations into the data breach arising from a cyberattack on SingHealth’s patient database system, found that IHiS had failed to take adequate security measures to protect the personal data in its possession," said the statement.
"PDPC found that the SingHealth personnel handling security incidents was unfamiliar with the incident response process, overly dependent on IHiS, and failed to understand and take further steps to understand the significance of the information provided by IHiS after it was surfaced.
"Even if organisations delegate work to vendors, organisations as data controllers must ultimately take responsibility for the personal data that they have collected from their customers."
These financial penalties are the highest ever imposed by PDPC to date, the commission said.
The PDPC's decision took into account the fact that the data breach was the largest breach that Singapore had ever experienced, as well as the sensitive and confidential nature of the patients’ data.
It also factored in that IHiS and SingHealth were "cooperative" throughout the investigations and took immediate remedial actions.
The cyberattack was Singapore’s most serious breach of public data. It saw the records of 1.5 million patients, including their names, NRIC numbers and addresses, along with other information accessed from Jun 28 to Jul 4 last year.
Among the data taken were the medication records of close to 160,000 patients.
Among those affected was Prime Minister Lee Hsien Loong, with the attackers repeatedly targeting his personal particulars and information about his outpatient medications.