State Courts plugs electronic loophole that allowed access to case files

THE Singapore State Courts has identified and fixed a vulnerability in its electronic case management system used in conducting criminal proceedings, which has allowed a few accused persons to gain unauthorised access to more than 200 e-case files, it said in a media statement on Wednesday.

The State Courts was alerted to a possible vulnerability in its Integrated Criminal Case Filing and Management System (ICMS) on Nov 1, and investigations found that 223 e-case files had been accessed by a few accused persons without authorisation. The ICMS Accused Person access portal can only be accessed by accused persons with a valid account through SingPass authentication, but the loophole enabled the accused persons to view court documents in other e-case files.

The files had not been tampered with, and the integrity of ongoing proceedings was not affected. The State Courts said it took immediate steps to fix the vulnerability and has implemented additional measures to protect the security and confidentiality of the information in the ICMS.

It has reported the matter to the police, and investigations are ongoing. The State Courts has sent letters to all parties affected by the unauthorised access, and set up a dedicated email at query@statecourts.gov.sg and a hotline 6435 5651 to address queries.