Singapore government web site breached
June 7, 2014 |
Singapore’s data protection laws are far from comprehensive. Even Singapore’s Personal Data Protection Act, which takes effect on 2 July 2014, will provide inadequate regulation. While it regulates the collection, use, disclosure and care of personal data government bodies are exempt from its operation. There is no good public policy reason for such a carve out of privacy regulation. It is completely anomolous given the amount and sensitivity of personal information government agencies would hold about the Singaporean populace. That the populace must provide the Government. This can be partly, if not mainly, explained by the fact that scrutiny of government departments of the city state is minimal on any objective view.
Today reports in in 1,560 SingPass user accounts breached and Business Times in IDA reports breach of SingPass accounts that more than 1,500 accounts on a Singapore government database may have been accessed without their users’ consent. SingPass users became aware of the interference when they received a SingPass password reset notification letter even they had not requested a password reset. Such letters normally only arrive after a user has reset their password.
[…] Singapore government web site breached […]