The Singapore government said its online identifications issued to residents to access services including personal income tax filings and pension savings statements may have been tampered with.
The investigations showed 1,560 SingPass accounts may have been breached with their passwords accessed without the users’ permission, the Infocomm Development Authority of Singapore said yesterday in an e-mailed statement. A total of 419 of the accounts triggered password reset notification letters to be sent to the account holders, it said.
The authority was notified by the SingPass operator three days ago, and a police report was filed on June 3, it said. The security breach may affect Singapore’s reputation as an Asian financial center. The city is the region’s largest wealth management center with about $800 billion in offshore assets, according to Boston Consulting Group.
“The Singapore government takes cyber security very seriously,” the authority said. “The protection of personal data and the delivery of secure e-services are critical. We will continue to strengthen all government e-services as part of on-going efforts to enhance security.”
Checks by the infocomm authority showed no evidence that the SingPass system was compromised, it said. CrimsonLogic Pte manages SingPass operations, including the system, website and customer services, SingPass said on its website. Other SingPass services include corporate searches and registering new companies, the website showed.
Robert Half International Inc. said yesterday 60 percent of banks and financial institutions in Singapore are increasing their spending on information technology security in 2014 compared with last year. That’s a higher proportion than markets including Australia, Hong Kong, Japan, the United Arab Emirates and the U.K., the other countries where the recruiter conducted the same survey.
The infringement comes about six months after Standard Chartered Plc (STAN) said wealthy clients’ confidential information was stolen in Singapore from a printing company. The London-based lender said in December it hadn’t found any unauthorized transactions since the theft from Fuji Xerox Co., which was hired to print statements for the 647 clients.
In November, Singapore authorities investigated a breach of Prime Minister Lee Hsien Loong’s website, one day after he said he would track down a group that announced plans to hack government online portals.
To contact the reporter on this story: Sanat Vallikappen in Singapore at email@example.com
To contact the editors responsible for this story: Chitra Somayaji at firstname.lastname@example.org Linus Chua, Tomoko Yamazaki