The servers of the Interior Team War Readiness Association were attacked by ransomware, and the relevant units have shut down the affected servers and isolate them from the information technology network to prevent the problem from expanding.

The HomeTeamNS issued a statement on Monday (March 3) morning, pointing out that the association discovered the problem on February 25.

The affected servers contain some data about the association’s employees and former employees, as well as vehicle information for some members and affiliated members. “At present, there is no evidence that the data is being extracted, but we are closely monitoring it,” the association said.

The statement pointed out that the association has contacted affected personnel to assist them in preventing phishing or unauthorized transactions, hoping to minimize the impact of the incident.

The association has hired third-party cybersecurity experts to conduct investigations and remediation, and has cooperated with relevant departments. During the remediation process, the association has changed the passwords of all management accounts and further strengthened security scanning and firewalls to enhance network security.

Further reading

More than 100 employees from more than 30 government agencies received mail from pseudo-ransomware police investigation

More than 100 employees from more than 30 government agencies received mail from pseudo-ransomware police investigation

Ministry of Education takes action against Mobile Guardian contractors to replace applications early next year

Ministry of Education takes action against Mobile Guardian contractors to replace applications early next year

The Association reiterates that protecting stakeholder personal data is crucial to the Association. They are working closely with cybersecurity experts, the Singapore Police Force and the Cybersecurity Agency to conduct investigations and remedial measures.