MINDEF has announced a potential data breach affecting the Institute of Health Sciences (HMI Institute) and ST Logistics. Caused by separate malware attacks, the possible data breaches affecting the two vendors affect more than 140,000 MINDEF and SAF personnel.
Affecting about 2,400 MINDEF and SAF staff, the data breach at ST Logistics might have compromised full names, NRIC numbers, along with a mixture of contact numbers and home and addresses.
The HMI Institute breach seems to be worse, with malware compromising its system that contained the personal data of 120,000 individuals. This comprised of 98,000 MINDEF and SAF personnel, while the rest was made up of HMI Institute’s other clients.
However, despite the much higher stakes on part of the HMI Institute breach, preliminary investigations indicate a low possibility that personal data was compromised.
Both ST Logistics and HMI Institute receive personal data of SAF and MINDEF personnel in order to render services as vendors.
ST Logistics is involved with the equipping of servicemen as well as the operation of the eMart marketplace. HMI Institute trains and certifies MINDEF and SAF personnel in CPR and AED (automated external defribillator) skills.
MINDEF has issued a statement on its various platforms, and has begun notifying affected personnel via text message. The organisation has also included an advisory on its Facebook page warning against scam text messages.
The data breach is currently being investigated by the respective vendors with oversight by MINDEF. MINDEF and SAF systems remain unaffected.