- This topic has 0 replies, 1 voice, and was last updated 3 years, 10 months ago by Kridsada Sirichaisit.
-
AuthorPosts
-
-
2020-10-20 at 9:54 pm #23436Kridsada SirichaisitParticipant
Brief Story
Personal data of 1.5 million people in Singapore (1/4 of population) was hacked. Data taken include names and addresses but not medical records, other than medicines dispensed in some cases. Information on the outpatient dispensed medicines of about 160,000 of these patients was taken. Medical records were not tempered.
The data of Prime Minister Lee Hsien Loong, including information on his outpatient dispensed medicines, was “specifically and repeatedly targeted”. Mr Lee has survived cancer twice.
Computer in SingHealth, one of the state’s two major government healthcare groups, was infected with malware through which the hackers gained access to the database. Security management after this event was temporarily banned staff from accessing the internet on all 28,000 of its work computers
Singapore was attacked by hackers previously, defense ministry, Mr. Lee’s official website. The government has previously warned of cyber-attacks, saying it has been the target of international hackers, but most attacks were foiled. Health records are often targeted because they contain valuable information to governments.
What is/are the impact of this data breach? Consequences of the data breach.
Privacy was disclosed by unauthorized and individual data may be to use in illegal issues. Some secret health data was disclosed eg. malignancy of prime minister that may affect to the security of the country.
How did the data breach occur?
From malware in intranet computer of SingHealth. May be from not attention to security policy of staff.
What should be the main cause of the data breach? Provide a brief explanation of the cause of data breach, such as phishing, ransomware, HIPAA violation, database misconfiguration, human error, third-party vendor error)?
-Cross-site Scripting
-Phishing
How could you prevent this data breach attack?
1. Don’t open email from unknown source
2. Don’t go to un secured website
3. Personal firewall and Antivirus in computer desktop with frequently update
4. Don’t download and open or install unknown software or cracked software
5. Good password and frequently change
6. Don’t save password in computer
7. Organization firewall to monitor and detect abnormal network data flow
-
-
AuthorPosts
You must be logged in to reply to this topic. Login here