Singapore banks to tighten verification processes following SingHealth data breach

Wednesday 25 July 2018 10:11 CET | News

The Monetary Authority of Singapore (MAS) has warned banks in Singapore to tighten their customer data verification processes following the recent SingHealth security breach.

The banks were instructed not to depend solely on the types of information that had been illegally accessed in the cyberattack to verify customers’ identity. These included full name, national identification number, address, gender, race, and date of birth.

Additional information should be used for verification before banks processed any transaction for the customer, the industry regulator said. These, for example, could include one-time passwords, PIN, and biometrics.

Banks in Singapore already were required to implement two-factor authentication to identify customers at login for access to online services. An additional layer of control also had to be put in place to authorise high-risk transactions, such as opening of beneficial accounts, registration of third-party payee details, and revision of funds transfer limits.

According to Reuters, non-medical personal data of 1.5 million patients who visited SingHealth’s specialist outpatient clinics and polyclinics between May 1, 2015, and July 4, 2018, had been found to be illegally accessed and copied. In addition, outpatient medical data of some 160,000 patients were compromised.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Monetary Authority of Singapore, MAS, data breach, online security, fraud prevention, data breach, SingHealth, 2FA, biometrics, Singapore
Countries: World