NRICs, home addresses of doctors among data leaked from Academy of Medicine, Singapore

The group responsible – Lockbit 3.0 – put the data on the Dark Web for free at 4.41am on Sept 10. PHOTO: TNP FILE
Aqil Hamzah
Updated
Sep 12, 2023, 12:20 PM
Published
Sep 11, 2023, 08:40 PM

SINGAPORE – The personal information of some 50 doctors linked to the Academy of Medicine, Singapore (AMS), including senior figures in the medical fraternity, has been put up on the Dark Web by a Russian-based ransomware gang since Sunday.

The affected doctors include both locals and foreigners, ranging from the academy’s directors to its teachers, as well as students undergoing advanced specialist training in Singapore.

In the 13.69GB database obtained by The Straits Times, personal information such as NRIC numbers and home addresses can be seen, as well as the log-in credentials for AMS’ social media accounts, and a list of its staff and their mobile phone numbers.

The staff contact list was correct as at May, with an earlier version from 2019 in a folder labelled “To be deleted”.

This folder also contains a 2021 contract, which lists the recipient’s home address, and letters that granted a lifetime fellowship for members above the age of 65 and who have paid for at least 10 years of membership.

The letters were dated March 23, 2022, with five out of nine showing the recipients’ home addresses.

Another folder contains letters from Brunei’s Public Service Department, outlining the allowances that seven Bruneian doctors would receive as they undergo specialist training here.

An AMS spokesman told ST that its servers had been hit by a ransomware attack, which it discovered on July 13.

The group responsible – Lockbit 3.0 – put the data on the Dark Web for free at 4.41am on Sunday.

As one of the most prolific groups in the cyber-criminal space, the ransomware gang holds the dubious distinction of being the most active in the world in 2022, with a tally of 913 cyber attacks.

It had earlier published data taken from luxury retailer Cortina Watch in June, as well as that of the world’s largest chipmaker, Taiwan Semiconductor Manufacturing Company, in the same month.

Once AMS discovered its servers had been compromised, they were immediately taken offline, said the spokesman.

“The immediate measures included appointing cyber-security and legal experts who were tasked to work with us to review and strengthen the academy’s cyber-security infrastructure while investigations were ongoing,” he added.

The data was put up for free on the dark web on Sunday by ransomware gang Lockbit 3.0. PHOTO: SCREENGRAB

Besides lodging reports with the police and the Cyber Security Agency of Singapore on the same day it discovered the attack, AMS also made a report to the Personal Data Protection Commission (PDPC) during the course of investigations.

A spokesman for the PDPC said the privacy watchdog was aware of the incident and is currently investigating.

Meanwhile, the academy’s spokesman said AMS has also informed its members and individuals who have had dealings with the academy about the potential data breach and urged them to take precautions. They have since been told that the data stored was confirmed to have been breached.

In the light of the ransomware attack, AMS has installed an enhanced firewall and implemented multi-factor authentication, among several other measures that were recommended by its cyber-security experts.

More On This Topic
More than 7,000 Singapore Duolingo users’ e-mail addresses found in leaked database
Hacker steals luxury retailer Cortina Watch’s data, including customer details

Join ST's WhatsApp Channel and get the latest news and must-reads.

Available for
iPhones and iPads
Available in
Google Play

MCI (P) 066/10/2023. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2024 SPH Media Limited. All rights reserved.

Back to the top