Hacking assault drags SingPass security into harsh spotlight

Unknown attackers meddled with over 1500 accounts.

The IDA revealed on Wednesday that 1,560 SingPass IDs and passwords had potentially been accessed without the users’ permission, prompting an investigation into the biggest threat that the SingPass system has faced in recent times.

Of these 1,560 users, 419 passwords were reset without permission. This triggered SingPass Password Reset Notification Letters to be sent to the registered address of the actual account holder.

A police report was first lodged on June 3. The matter is currently under investigation, but the IDA’s initial checks suggest no evidence that the SingPass system has been compromised.

According to the IDA, “The passwords of all affected users have been reset and we are in the process of notifying them of this incident.”