Crime

SMRT Feedback releases new evidence showing database queries targeting hospital VIPs

Fearsome vigilante outfit, SMRT Feedback, follows up on new evidence related to the Singhealth database breach in July 2018.

Fearsome vigilante outfit, SMRT Feedback, follows up on new evidence related to the Singhealth database breach in July 2018.

In another media statement to Observer+ today (July 28), SMRT Feedback said that they discovered new data uploaded to the web by an anonymous user on June 15th, 2018, roughly a week before the Singhealth breach was thought to have been breached.

Here are the database logs provided by the vigilante:

“The logs show that the user was querying the database to find records of individuals with expedited access. What this means in English is basically the records of patients who can skip the queue when going to the hospital.”

– SMRT Feedback by the Vigilanteh

According to the logs, we can see the following, “Direct Access P” and “Direct Admit P”, which suggests the level of priority given to a hospital visitor or patient.

The query that reads “Class IN (“A”, “AP”, “ARF”, “B1”, “B1P”, “B1RF”, “B2RF”, “CRF”, “NR”, “PTE”, “PTEP”, “PTRF”)” are basically medical class types used by Singapore’s hospitals.

SMRT Feedback also stated that while 1.5 million Singaporeans were illegally accessed and copied, the golden nugget is actually the VIPs and VVIPs receiving medical treatment in Singapore.

SMRT Feedback also said that adversaries could use Singapore’s hospital records to find more information about their targets.

Singapore is known for her world-class medical facilities, and many important dignitaries have sought treatment here.

In December 2017, former leader of Zimbabwe, Robert Mugabe visit a hospital in Singapore for medical checks. If an adversary would like to find out more about the medical condition of Mugabe, they would just have to check Singhealth records.

SMRT Feedback did not disclose how they managed to find the logs.

Most Popular

To Top