More Breaches: The Biggest Leaks of 2021


Nowadays, security has become a crucial part of people’s lives. Unfortunately, many tend to overlook data security even if it has significant ramifications. With many data protection tools and data protection courses now available, many people assume their personal data are always protected.

However, such is not the case all the time. While everyone may not be aware of it, WhatsApp was recently fined €225m by the European Union for sharing user information with other companies under Facebook. Although they have claimed end-to-end encryption for user messages, this serves as a cue for people to pay more attention to their data.

Nowadays, there are some organisations that promise user privacy upfront by encrypting all data and preventing even themselves from viewing it. At the same time, they are being cross-functional with other popular services such as Dropbox and Google Drive. Any data that is transferred from your existing account to these services are encrypted as well.

Cyber Security: How Bad Is It Right Now?

Undeniably, things have gotten worse in terms of cyber security since the pandemic started. Experts have been raising the alarm as most people bid their offices goodbye and worked at home. A 2021 report on data breaches done by Verizon indicated that over 5,000 data breach incidents happened in Asia Pacific alone.

What’s even more alarming is 96% of those incidents focused on stealing credentials. Asia Pacific ranks as the second most at-risk region next to North America. The report showed data breaches among various sectors including healthcare, retail, education, manufacturing, and just about anywhere where valuable personal or financial information is stored.

Although PDPA certifications have helped data protection officers perform their duties better and helped many organisations stay compliant, data leaks and breaches have been increasing. Even Singapore, renowned for its safety and peace, is not spared. The Straits Times reported that in 2020, there were 108 cases of data leaks in the public sector.

The Worst Data Breaches of 2021

Alarm bells started ringing back in 2018 when the Ministry of Health’s HIV registry was breached. The said incident has exposed the confidential data of over 14,200 patients. That same year, a vulnerability in the online system of the state court was breached. This resulted in over 223 files being accessed illegally.

It is concerning to know that while the public sector has spent S$1b on measures to protect personal data, breaches still continue to happen.

A study conducted by Sophos of 900 businesses across Asia revealed that 68% have been breached successfully in 2021. At least half have been reported to have experienced serious data loss. Some Singaporean businesses were also reported to have dealt with as many as 50 attempted security attacks per week.

In logistics, SITA, an air transport IT company experienced a serious breach that compromised the data of over 580,000 PPS and Singapore Airline Krisflyer members. The carrier however claimed there was no crucial data like credit card information or passwords stolen.

Singtel, a communications technology giant, is still investigating a massive breach that occurred in February of 2021. The attack targeted obsolete file-sharing systems that were used internally and shared with external parties. The company claimed customer information may have been compromised.

Healthcare also made the cut last year with Fullerton Health suffering a breach that was only detected in October. The breach compromised the personal data of patients including their names and contact details. In other cases, health data and bank accounts were breached.