SingHealth debunks fake SMS about cyber attack

The real SMS from SingHealth vs the fake SMS being circulated. (Photos: Facebook/Singhealth)

SingHealth has warned the public to be aware of an SMS going around spreading falsehoods.

Singapore’s largest health system turned to Facebook on Friday night (20 July) to debunk the contents of the SMS, which falsely says that patients’ phone numbers and financial details such as credit card information had been accessed in the massive cyber attack that was revealed on Friday afternoon.

The fake SMS also claimed that medical records were accessed, which SingHealth denies.

SingHealth had earlier announced that it would be sending an SMS to patients who had visited SingHealth Specialist Outpatient Clinics and polyclinics between 1 May 2015 and 4 July 2018 and had their personal particulars and information on outpatient dispensed medicines illegally accessed and copied.

On Friday afternoon, SingHealth announced that the non-medical personal particulars of some 1.5 million patients who visited SingHealth clinics from 1 May 2015 to 4 July 2018 were illegally accessed and copied.

The data taken include name, NRIC number, address, gender, race and date of birth. Information on the outpatient dispensed medicines of about 160,000 of these patients was also copied. The records were neither amended or deleted, SingHealth said, and no other patient records, such as diagnosis, test results or doctors’ notes, were breached.

Related stories:

1.5M patients’ data, including PM Lee Hsien Loong’s, stolen in major cyberattack

Singapore’s worst cyberattack steals personal data of 1.5 million including PM

Healthcare data breach in Singapore affected 1.5M patients, targeted the prime minister