Eye & Retina Surgeons, a private eye clinic in Singapore, has disclosed that it was hit by a ransomware attack early this month. 

The incident on 6 August affected the clinic's server and management system that is said to be managing over 73,000 patients. Based on a news report, the attack compromised patient information, including names, addresses, identity card numbers, contact details and clinical information such as clinical notes and eye scans. No credit card or bank account details were accessed. 

The attack was carried out on servers and several computers at the ERS Camden branch; the IT system at its branch in Mount Elizabeth Novena Specialist Centre was unaffected.

Active medical records in the clinic, which are stored in a separate cloud-based system, were untouched by the attack, while clinical operations were spared as well.  

The news report said the ERS paid no ransom to still-unidentified hackers.

According to Singapore's Ministry of Health, it was informed of the cyber attack on 16 August. Since then, ERS has worked closely with them and the Cybersecurity Agency of Singapore to identify the root causes of the incident. 

As of late, the clinic's IT system has been restored "securely" and IT providers have made "thorough" checks on its system, reformatted servers and run anti-virus scans on all computer terminals. 

While there has been no report of data leakage for now, the ERS said it is staying on top of the situation.

The ERS said it has taken measures to prevent the incident from recurring. It is currently in the process of informing patients about the cyber attack. 

In a separate statement, the MOH said no IT systems of the agency, including the National Electronic Health Record, was connected to the clinic's compromised IT systems, nor has there been a similar attack on its systems.

THE LARGER TREND

The ransomware attack at ERS was followed by similar incidents at insurer Tokio Marine Insurance Singapore and tech firm Pine Labs. 

Based on a recent report by the Cyber Security Agency of Singapore (CSA), there were 89 ransomware cases reported to the agency last year, a 153% jump from the 35 cases noted in 2019. The attacks were carried out mostly on small to medium enterprises from the manufacturing, retail and healthcare sectors. 

Yesterday, the CSA, Singapore Police Force and the Personal Data Protection Commission released a joint advisory on recent cyber incidents involving local organisations targeted by a bad actor known as ALTDOS, who first emerged in late 2020 after launching an attack on a securities trading firm in Thailand. ALTDOS has also carried out cyber attacks in Bangladesh and Singapore. 

Also, early this August, the MOH issued the Healthcare Cybersecurity Essentials guidelines to remind all licensed healthcare providers to set up and constantly review their security safeguards, enforce new measures and adopt best practices to secure their IT systems and endpoints.

ON THE RECORD

"Following this incident, MOH will be reminding all its licensed healthcare institutions to remain vigilant, strengthen their cybersecurity posture, and ensure the security and integrity of their IT assets, systems, and patient data. It is only through the disciplined maintenance of a safe and secure data and IT system that healthcare professionals will be able to deliver accurate and appropriate care, and uphold patient safety," the MOH said.