Cyberattack on Eye Clinic That Compromised Over 73,000 Patients' Data Has No Connection to NEHR

The Ministry of Health (MOH) announced that a cybersecurity breach compromising the personal data of over 73,000 patients of Eye & Retina Surgeons (ERS) has no connection to the National Electronic Health Record. MOH's IT systems have not suffered a similar cyber incident.

Credit: Eye & Retina Surgeons

On 6 August 2021, the ERS endured a ransomware attack that affected the personal data of 73,466 patients as their names, addresses, ID numbers, contact details and clinical information were made vulnerable. The eye clinic clarified that credit card or bank account information was not accessed or compromised.


According to ERS, the breach hit servers and multiple computer terminals at the clinic's Camden Medical branch. The IT system at ERS' Mount Elizabeth Novena Specialist Centre branch was unaffected.


ERS confirmed that its IT systems have been securely restored and that as of now, none of the compromised data has been released to the public. The company will continue monitoring the situation for any developments.


The clinic filed a police report on the cyberattack on 13 August 2021. The Personal Data Protection Commission and the Singapore Computer Emergency Response Team have similarly been informed about the incident "for further investigations".


ERS' IT team is cooperating with the Cybersecurity Agency of Singapore and MOH to identify what caused the incident to take place.


"All necessary measures to prevent a recurrence of this breach will be taken," said the clinic, which is consulting cybersecurity experts and officials to pinpoint areas of improvement for its IT systems' security.

Credit: Shutterstock

In light of the occurrence, MOH stressed that the Singaporean government takes instances of cyberattacks seriously. It also told healthcare organisations to secure their IT systems.


"Following this incident, MOH will be reminding all its licensed healthcare institutions to remain vigilant, strengthen their cybersecurity posture, and ensure the security and integrity of their IT assets, systems, and patient data. It is only through the disciplined maintenance of a safe and secure data and IT system that healthcare professionals will be able to deliver accurate and appropriate care and uphold patient safety," said MOH in a statement.

 

Written by Sophia Lopez

 

#Eyeclinicdatabreach #EyeclinicdatabreachSingapore #EyeandRetinaSurgeonsransomwareattack #EyeandRetinaSurgeonscyberattack #EyeclinicdatabreachnoconnectiontoNEHR #EyeclinicdatabreachMOHstatement #Over70000patientsdataaffectedineyecliniccyberattack #Eyeclinicdatabreachaffectedpatientsdata #Eyeclinicdatabreachaffectedover70000patientsdata #Eyeclinicdatabreachaffectedbranches

Side