Cyber Incident Victim: Tan Tock Seng Hospital
Date:
Jan 2015
Location:
Singapore
Summary
A Tan Tock Seng Hospital nurse's compromised Facebook account was used to post derogatory comments targeting Singaporeans, including offensive remarks and wishes for disasters to strike the country. The institution confirmed the employee reported the account hacking to police, pledged full cooperation with the investigation, and emphasized expectations of staff professionalism amid public complaints and debates over the post's authenticity.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 4, 2015, Tan Tock Seng Hospital addressed a social media incident involving derogatory comments attributed to one of its staff members. Anti-Singaporean remarks, including misspelled statements calling citizens "loosers" (losers) and expressing hopes for disasters to strike Singapore, circulated online via a screenshot purportedly from a Facebook post. The hospital initially acknowledged receiving public alerts about the matter on Sunday morning through its official Facebook page, stating it expected staff to maintain respectful conduct and confirming an ongoing investigation into the employee's alleged actions. By Sunday evening, the hospital provided an update identifying the individual as a nurse who had filed a police report claiming his Facebook account was compromised. The organization publicly affirmed its cooperation with law enforcement authorities regarding the hacking allegations while thanking concerned netizens for their vigilance.
The incident triggered mixed public reactions, with some individuals submitting formal complaints to the hospital based on the circulated screenshot while others questioned the authenticity of the offensive post. Tan Tock Seng Hospital's dual-phase Facebook communications—first acknowledging the investigation and later confirming the staff member's hacking claim—demonstrated its efforts to manage reputational concerns and public expectations of employee professionalism. No technical details regarding the account compromise method, forensic evidence, or perpetrator identification were disclosed in the available public statements. The hospital's response focused exclusively on procedural actions: initiating an internal review, supporting the police investigation, and maintaining transparent communication through its verified social media channel. No disciplinary measures against the nurse or system-wide security changes were mentioned in the source material, leaving the investigative outcome unresolved in the public record.