NEW YORK (Reuters) – The worst cyberattack in Singapore’s history, in which the personal information of about 1.5 million people including the prime minister was stolen from a health database last year, was the work of a state-sponsored espionage group called Whitefly, according to a report by Symantec Corp on Wednesday.
Authorities in Singapore have previously said that in that attack, which they believed was state-linked, the non-medical personal details of about 1.5 million patients who visited clinics between May 2015 and July 4, 2018 were illegally accessed and copied, including those of Prime Minister Lee Hsien Loong and Emeritus Senior Minister Goh Chok Tong.
Security researchers at Symantec said that Whitefly, which has been operating since at least 2017 and has targeted organizations across a wide variety of sectors based mostly in Singapore, was primarily interested in stealing large amounts of sensitive information.
“Based on its tactics and targets, our assessment is that Whitefly is a state-sponsored espionage group. We can’t identify for certain who or what organization is directing or funding that activity,” a Symantec spokeswoman told Reuters.
“Whitefly’s tight focus on a limited number of targets in a single country leads us to believe they are likely a small- to medium-sized team.”
Symantec said the breach was not a one-off attack, but was part of a wider pattern of attacks against organizations in the island nation of Singapore, in the healthcare, media, telecommunications and engineering sectors.
(Reporting by Angela Moon; Editing by Bernadette Baum)