(Jan 28): Records of as many as 14,200 people with HIV and their 2,400 contacts have been “illegally disclosed online”, Singapore’s health ministry said in a statement, marking the second cyberattack the city-state has suffered in a year.
The HIV-registry data was leaked by a US citizen, Mikhy K. Farrera Brochez, who was deported from Singapore after serving jail time for fraud and drug-related offences, the ministry said. The leaked information included names, test results and contact details of 5,400 Singaporean citizens and 8,800 foreigners.
The latest data spill comes less than a year after a cyberattack on SingHealth that had exposed the medical data of about 1.5 million people, including outpatient details of the Singapore Prime Minister Lee Hsien Loong. This breach is especially problematic since it compromises the identity of those living with HIV in a region which there’s still a lot of social stigma around the condition.
“While access to the confidential information has been disabled, it is still in the possession of the unauthorised person, and could still be publicly disclosed in the future,” the ministry said in a statement. The ministry is scanning the Internet for signs of further disclosure of the breached information.
Singapore’s laws prohibit the disclosure of a patient’s HIV status and related data, without the person’s consent except under certain circumstances.
