Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Three breached SingPass accounts used for fraudulent work pass applications

Nurdianah Md Nur | July 7, 2014
The work passes have been cancelled and MOM is implementing additional security measures to further safeguard its work pass application process.

Three of the 1,560 SingPass accounts compromised last month were used to apply for six work passes, according to a joint statement by the Ministry of Manpower (MOM) and the Infocomm Development Authority (IDA) on 4 July 2014.

Upon discovery of the fraudulent applications, MOM cancelled the work passes and reported the matter to the police. The ministry has also implemented "additional measures to strengthen and further safeguard its work pass transactions" but did not elaborate.

SingPass provides residents with access to e-government services including personal income tax filings and statements of their retirement savings, known as the Central Provident Fund (CPF).

Just last month, IDA announced that 1,560 SingPass accounts were compromised, of which 419 accounts had their passwords reset without the users' permission.

In response to that incident, IDA said in a statement that it is currently enhancing the SingPass system, which will be ready by the third quarter of 2015. It will also introduce further security measures such as enabling users to set their own usernames in the enhanced SingPass system and using second-factor authentication (2FA) for e-government transactions involving sensitive data. 

In the meantime, IDA and MOM encourage users to strengthen their SingPass passwords by ensuring that they are alphanumeric and contain at least eight characters.

 

Sign up for CIO Asia eNewsletters.