The Singapore Ministry of Defence said no classified information was stolen because it is housed on a separate system that is not connected to the internet
The personal data of 850 Singaporean national servicemen has been stolen after a “targeted and carefully planned” cyber attack on a Ministry of Defence (MINDEF) system that provides internet use to its service members.
The service is called I-net and MINDEF said it does contain classified military information. Top-secret information is stored on a more secure system that does not use the internet, according to the ministry.
The affected computers were located in MINDEF and Singapore Armed Forces camps and premises.
Stolen information includes NRIC numbers, telephone numbers and date of birth information. This data was vulnerable because it is required to access the internet.
“The real purpose may have been to gain access to official secrets, but this was prevented by the physical separation of I-net from our internal systems,” MINDEF said in a statement.
MINDEF’s Deputy Secretary for Technology David Koh told Channel News Asia that he does not believe the breach was the work of “casual hackers or criminal gangs”.
The government said the investigation is ongoing it will contact all affected individuals by the breach within the week.
MINDEF said the ministry will continue to provide internet access to national servicemen while they are in camp.
The attack prompted MINDEF to recommend an investigation into other government systems — so far, nothing has turned up.
The breach occured earlier in February and MINDEF said it needed to continue the investigation and enhance security before announcing it publicly.
This is the first time the MINDEF system has been breached, although the ministry told reporters they are constantly under digital attack.