Hackers have stolen personal data in Singapore belonging to some 1.5 million people, or about a quarter of the population, officials say.
They broke into the government health database in a “deliberate, targeted and well-planned” attack, a government statement says.
Those targeted visited clinics between 1 May 2015 and 4 July of this year.
Data taken include names and addresses but not medical records, other than medicines dispensed in some cases.
“Information on the outpatient dispensed medicines of about 160,000 of these patients” was taken, the statement says.
“The records were not tampered with, ie no records were amended or deleted. No other patient records, such as diagnosis, test results or doctors’ notes, were breached. We have not found evidence of a similar breach in the other public healthcare IT systems.”
The wealthy city state prides itself on its stability and security.
How were systems breached?
It appears that a computer belonging to SingHealth, one of the state’s two major government healthcare groups, was infected with malware through which the hackers gained access to the database.
They struck some time between 27 June and 4 July, according to the government.
Other public healthcare institutions are expected to do the same.
How vulnerable is Singapore to hacking?
The government has previously warned of cyber attacks, saying it has been the target of international hackers, but most attacks were foiled.
It has stepped up measures in recent years, including disconnecting computers for certain key ministries in the civil service from the internet, so that they operate on intranet only.
A cyber attack last year targeted the defence ministry but only got basic information on military conscripts.
Singapore personal data hack hits 1.5m, health authority says