Singapore’s Fullerton Health Hit By Data Breach

Singapore healthcare provider Fullerton Health says a third-party data vendor, Agape Connecting People, which facilitates with appointment booking, suffered a data breach on October 19 that compromised patients’ personal data containing names, contact details and banking information:

We detected on 19 October 2021 that client information was compromised due to unauthorised access by a malicious third party.

The intrusion was identified and we acted immediately to prevent further compromise. The system was isolated and suspended. None of our core infrastructure has been compromised. Based on the information gathered to date, we are confident that our security controls were effective in limiting the impact of the incident.

The incident appears to have been contained to our client Fullerton Healthcare. The customer information that may have been compromised were limited to the following: Personal identifiable information such as name and contact details. We have established that no credit card information and password has been exposed.

We are in the process of confirming that no other clients of Agape Connecting People were affected.

This could lead to identity theft and fraud on a large scale. Which of course is not good. And it could go beyond this one client. Yan Michalevsky, CTO and Cofounder, Anjuna had this to say in terms of how to stop this sort of attack from happening:

“Taking over company servers enables attackers to laterally move within the organizational infrastructure and compromise sensitive data. In addition to existing measures, technologies such as Confidential Computing and Secure Enclaves can protect applications and data even in the case of an attacker taking over the servers, as in the case of the Fullerton Health data compromise.”

Companies should consider taking these steps to protect their data, and customer data.

Leave a Reply

%d bloggers like this: