The Monetary Authority of Singapore (MAS) has ordered all financial institutions to tighten their customer verification processes in the wake of a recent cyber attack at healthcare organisation SingHealth.
The cyber attack, which took place between 27 June and 4 July, compromised personal information such as names, IC numbers, addresses, gender, race, and dates of birth of nearly 1.5 million patients.
Go deeper with GlobalData
The central bank said it acknowledges that the banks are already using robust processes and two-factor authentication processes to identify their customers and have in place robust processes.
However, financial firms should no longer rely solely on the types of information that was stolen during the cyber attack, the regulator cautioned.
In order to thwart any risk associated with the information financial institutions should exercise additional care and verify customers using information including one-time passwords, PIN or biometrics, before processing transactions, it added.
The financial watchdog also instructed all financial institutions in the country to carry out a risk evaluation of the impact of the SingHealth incident on their existing control measures for financial services offered to customers.
US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalDataMAS chief cyber security officer Tan Yeow Seng said: “MAS will work closely with the financial institutions to ensure that robust cyber defences are in place so that customers can carry out online financial transactions with confidence.
“But customers must also play their part. They must safeguard their passwords and practise good cyber hygiene. If they suspect any fraudulent transactions in their accounts, they should notify their banks immediately.”
