The Infocomm Development Authority of Singapore (IDA) announced on Wednesday (4 June) that more than 1,500 SingPass accounts might have been tampered with.
SingPass, which stands for Singapore Personal Access, is a password issued to Singapore residents to access various government services online. These services include personal income tax filings and statements of their retirement savings.
According to IDA's media statement, it was notified by SingPass operator CrimsonLogic on Monday (2 June 2014) that a number of users had received a SingPass password reset notification letter even though they did not request for a password change.
Preliminary investigations revealed that 1,560 user IDs and passwords were potentially accessed without the users' permission, of which 419 passwords were reset. Even though there was no evidence suggesting that the SingPass system was compromised, the IDA filed a police report on Tuesday (3 June 2014). IDA has also reset the passwords of affected users and is in the process of notifying them.
"The Government strongly urges all SingPass users to take the necessary precautions to enhance their cyber security," said Jacqueline Poh, managing director of Infocomm Development Authority of Singapore in a media statement. She added that users should use strong passwords to access not only SingPass but all the other e-Services they subscribe to, install anti-virus software and update software regularly.
Sign up for Computerworld eNewsletters.