Channel NewsAsia

Hacked SingPass accounts used to make fraudulent work pass applications

The Ministry of Manpower and the Infocomm Development Authority said on Friday (July 4) that three compromised SingPass accounts were used to make six fraudulent work pass applications.

SINGAPORE: Three of the 1,560 compromised SingPass accounts were used to make six fraudulent work pass applications.

READ: Some 1,500 SingPass accounts potentially accessed without authorisation

According to a joint statement by the Ministry of Manpower (MOM) and the Infocomm Development Authority of Singapore (IDA), MOM immediately cancelled the work passes upon discovery of the fraudulent applications. MOM added it has put in place additional measures to strengthen and further safeguard its work pass transactions.

"We thank the affected SingPass users for their assistance in helping us confirm that the applications were not made by them. The matter has now been referred to the police," the statement said.

IDA is currently enhancing the SingPass system, which will be ready by the third quarter of 2015. It is also looking into users setting their own user names in the enhanced system instead of using NRIC numbers, which is the current default. It will also introduce further measures such as two-factor authentication for e-government transactions, particularly for those involving sensitive data, the statement said.

SingPass users are encouraged to strengthen their passwords to ones that are alphanumeric with 8 to 24 characters, preferably with capital letters and symbols, to better protect their SingPass accounts, the ministries said.

Tweet photos, videos and updates on this story to  @channelnewsasia