The breach compromised personal data of 1.5 million SingHealth patients.
The incident also compromised outpatient medical data of 160,000 patients that visited the healthcare provider's facilities, which included four public hospitals, nine polyclinics, and 42 clinical specialties.
The attackers used a publicly available hacking tool to breach an end-user workstation.
The workstation was running a version of Microsoft Outlook that was not updated with a patch to address the use of the hacking tool.
Source: https://www.zdnet.com/article/singhealth-data-breach-reveals-several-inadequate-security-measures/
TPRM report: https://scoringcyber.rankiteo.com/company/singhealth
"id": "sin150311022",
"linkid": "singhealth",
"type": "Breach",
"date": "09/2018",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': 1500000,
'industry': 'Healthcare',
'location': 'Singapore',
'name': 'SingHealth',
'type': 'Healthcare Provider'}],
'attack_vector': 'Unpatched Software',
'data_breach': {'number_of_records_exposed': 1660000,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal data',
'Outpatient medical data']},
'description': 'The breach compromised personal data of 1.5 million '
'SingHealth patients. The incident also compromised outpatient '
'medical data of 160,000 patients that visited the healthcare '
"provider's facilities, which included four public hospitals, "
'nine polyclinics, and 42 clinical specialties. The attackers '
'used a publicly available hacking tool to breach an end-user '
'workstation. The workstation was running a version of '
'Microsoft Outlook that was not updated with a patch to '
'address the use of the hacking tool.',
'impact': {'data_compromised': ['Personal data', 'Outpatient medical data'],
'systems_affected': ['End-user workstation']},
'initial_access_broker': {'entry_point': 'End-user workstation'},
'post_incident_analysis': {'root_causes': 'Unpatched software'},
'title': 'SingHealth Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Microsoft Outlook vulnerability'}