The Singapore Red Cross said that its website had been hacked and the personal data of more than 4,000 potential blood donors compromised in the latest cyber attack on the city-state.
The exposed information includes names, blood types, and contact numbers of 4,297 potential blood donors were compromised after an unauthorized access to a section of its website
SRC reported the breach to the authorities on the same day and police had launched an investigation.
Preliminary findings showed that a “weak administrator password” may have made the site vulnerable.
TPRM report: https://scoringcyber.rankiteo.com/company/sgredcross
"id": "sin213019323",
"linkid": "sgredcross",
"type": "Breach",
"date": "05/2019",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '4,297',
'industry': 'Healthcare',
'location': 'Singapore',
'name': 'Singapore Red Cross',
'type': 'Organization'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'number_of_records_exposed': '4,297',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'Medium',
'type_of_data_compromised': ['Personal Information']},
'description': 'The Singapore Red Cross reported a data breach where the '
'personal data of more than 4,000 potential blood donors was '
'compromised due to a hack on its website. The exposed '
'information includes names, blood types, and contact numbers.',
'impact': {'data_compromised': ['Names', 'Blood Types', 'Contact Numbers'],
'systems_affected': ['Website']},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'root_causes': 'Weak Administrator Password'},
'response': {'law_enforcement_notified': 'Yes'},
'title': 'Singapore Red Cross Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Weak Administrator Password'}