A recent data breach has highlighted a need for the Singapore government to realise human errors are cybersecurity risks that need to be addressed, and not simply dismissed as mistakes that carry little threat to an organisation’s network. The incident exposes a mindset within the public sector that, if left to fester, will put citizens at higher risk and erode public trust in the government’s ability to safeguard their personal data.
Last week, a folder containing personal data of 6,541 individuals was “inadvertently” sent via email to several parties, according to the Singapore Accountancy Commission (SAC), a statutory body under the Ministry of Finance. The error was discovered only months after the first email was sent, when an email protection tool–implemented in October as part of a government-wide deployment–triggered an alert. The incident exposed personal details such as names, national identification number, date of birth, and employment information.