[ad_1]
Some defendants were able to access more than 200 court files without authorization through the state court's online affairs management system.
Preliminary results show that they have exploited a loophole in the Integrated Criminal Case Management System (ICMS) and have reviewed court documents in electronic files other than their own, courts of law said. State in a statement.
As a general rule, only defendants with a valid account can access the ICMS Accused Access Portal to view their records using SingPass authentication.
On November 1, state courts were alerted about a possible vulnerability and discovered that some unauthorized defendants had access to 223 files. Based on the preliminary investigations, people had access to the records during that year.
"Immediate steps have been taken to address the vulnerability: the electronic records have not been tampered with and the integrity of the ongoing proceedings has not been affected," said the court of 39; State.
Since 9 November, state courts and its system provider, Ecquaria Technologies, have implemented additional security measures to strengthen user access controls, to protect the security and confidentiality of information that they contain, says the communique.
While police investigations are ongoing, criminal lawyer Sunil Sudheesan said that the defendants had probably committed an offense under the law relating to the misuse of the computer.
"It's unfortunate, but the extent of the breach must be studied to see what information has been taken," said Mr. Sunil, head of the criminal department of Quahe Woo & Palmer.
For example, if only the indictment sheets were consulted, the negative consequences for the victims would be less important because the information is technically public, Sunil said.
However, it is possible that the accused had access to private medical reports such as psychiatric reports, he noted.
Attorney Eugene Thuraisingam said that since the system's data could be considered "protected", the defendants could even face a harsher sentence, which could sentence them to a term of imprisonment of up to 39 to 20 years and a fine of $ 100,000.
He noted that while it was heartening that additional safeguards were in place, there should be no further violations in the system.
"Especially in this digital age where data is accessible and can be easily published and disseminated, the importance of protecting confidential data – not just the case files themselves, but also the privacy issues – must not be exaggerated. names, phone numbers, e-mails., addresses of the people involved, "he said.
[ad_2]
Source link
