The Monetary Authority of Singapore (MAS) has ordered all financial institutions to tighten their customer verification processes in the wake of a recent cyber attack at healthcare organisation SingHealth.
The cyber attack, which took place between 27 June and 4 July, compromised personal information such as names, IC numbers, addresses, gender, race, and dates of birth of nearly 1.5 million patients.
The central bank said it acknowledges that the banks are already using robust processes and two-factor authentication processes to identify their customers and have in place robust processes.
However, financial firms should no longer rely solely on the types of information that was stolen during the cyber attack, the regulator cautioned.
In order to thwart any risk associated with the information financial institutions should exercise additional care and verify customers using information including one-time passwords, PIN or biometrics, before processing transactions, it added.
The financial watchdog also instructed all financial institutions in the country to carry out a risk evaluation of the impact of the SingHealth incident on their existing control measures for financial services offered to customers.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below formBy GlobalData
MAS chief cyber security officer Tan Yeow Seng said: “MAS will work closely with the financial institutions to ensure that robust cyber defences are in place so that customers can carry out online financial transactions with confidence.
“But customers must also play their part. They must safeguard their passwords and practise good cyber hygiene. If they suspect any fraudulent transactions in their accounts, they should notify their banks immediately.”