SINGAPORE (Jan 21): In the Commission of Inquiry (COI) into the most severe data breach in Singapore’s history, Ernest Tan, manager at IHiS, the IT arm of the Ministry of Health, revealed he was reluctant to inform his superiors about cyber attack.
Tan, whose job it was to report security incidents and respond accordingly, was worried about the attendant stress and having to work overtime, telling the commission: “Once we escalate to management, there will be no day, no night.”
Tan was fired from his job on Jan 14. IHiS also fined seven members of its management, including CEO Bruce Liang, “for their collective leadership responsibility”. Meanwhile, Wee Jia Huo, the cluster information security officer specifically responsible for cybersecurity in SingHealth, will be demoted and redeployed.