Supply chain
β Supply Chain
Singapore Armed Forces (SAF) Third-Party Breach (December 2019)
Primary Source βIncident Details
2 vendors for Mindef, SAF hit by malware; personal data of 2,400 staff could have been leaked. The data included the full names and NRIC numbers, and a combination of contact numbers, e-mail addresses or residential addresses. Read more at straitstimes.com. Read more at straitstimes.com. The data in the affected server totals approximately 120,000 individuals. Third-party company: HMI Institute of Health Sciences.
Technical Details
- Initial Attack Vector
- Compromise of third-party service provider / vendor relationship
- Vendor / Product
- HMI Institute of Health Sciences
- Supply Chain Attack
- β Confirmed third-party / vendor compromise
Timeline
- 2019-12-01 Breach occurred
- 2019-12-21 Publicly disclosed