Singapore

Ransomware Incident Data Breach and Security Lapses

Singapore's Personal Data Protection Commission issued a decision regarding a ransomware incident affecting 39,000 individuals' data due to security lapses. Three separate undertakings were also accepted for similar incidents. The Commission directed the organization to strengthen its security posture and highlighted key takeaways for all organizations to prevent future breaches.

PDPC Steps Up NRIC Misuse Enforcement and Issues New Advisory

The Singapore Personal Data Protection Commission (PDPC) is stepping up enforcement against private organizations misusing NRIC numbers for authentication starting January 1, 2027. New advisories are also being issued to guide organizations on data protection lapses and recommend more secure authentication methods.

Data Protection Breaches Result in Financial Penalties

Singapore's Personal Data Protection Commission issued financial penalties to four organizations for data protection breaches affecting over 1 million individuals. These breaches stemmed from inadequate security measures, including poor patch management and lack of data protection policies. An additional organization committed to an undertaking following a ransomware attack.

PDPC Publishes Four Undertakings on Ransomware and Unauthorized Access

Singapore's Personal Data Protection Commission (PDPC) has published four undertakings from organizations that experienced ransomware attacks and unauthorized access. These undertakings detail remediation measures to strengthen cybersecurity defenses and data protection practices.

Data Breach Decision Highlights Security Lapses

The Singapore Personal Data Protection Commission (PDPC) issued a decision regarding a data breach affecting 665,000 individuals due to system misconfiguration. The case highlights lapses in security practices and emphasizes the need for robust technical and governance measures.

HSA Seizes Over $1.1M in Vaporisers

The Health Sciences Authority (HSA) seized over $1.1 million worth of vaporisers in an operation on February 24, 2026. New penalties under the Tobacco and Vaporisers Control Act (TVCA) will take effect from May 1, 2026, targeting importers, suppliers, and premises owners.

HSA Deepens International Partnerships for Biomedical Sector Growth

The Health Sciences Authority (HSA) of Singapore has announced deepened collaborations with Malaysia and Uzbekistan to facilitate access to medicines and medical devices. These partnerships include a formalised Medical Device Regulatory Reliance Programme with Malaysia and a Memorandum of Understanding with Uzbekistan for broader regulatory cooperation.

Therapeutic Product Approvals and Indications List Update

The Health Sciences Authority (HSA) of Singapore has published updated lists of new therapeutic product approvals and new indications for registered therapeutic products, effective March 2026. These lists are intended for healthcare professionals and industry members.

Raymond Chua's address at 29th Medical Device Regulators Forum

Raymond Chua's address at 29th Medical Device Regulators Forum

HSA Charges Man for Trafficking Etomidate Vaporiser Pods

The Health Sciences Authority (HSA) of Singapore has charged a 34-year-old man for allegedly trafficking etomidate vaporiser pods. The charges follow an enforcement operation where HSA seized over 900 tablets, cough syrup, and etomidate-containing vaporiser pods. Stricter penalties for etomidate trafficking are in effect.