COI Report – Part IV
Page
102 of
425 Witness marking Name Designated Role Roles in response to the Cyber Attack IHiS IT administrators W2
Lum Yuan
Woh Assistant Director, Systems Management Department, IHiS
Citrix
Team lead, led efforts in investigating into suspicious activities on the
Citrix servers W Katherine Tan Seang
Lim
Senior Manager, Systems Management Department, IHiS
SCM database administrator, noticed attempts to login to SCM database on 11 June 2018 W
Chai Sze
Chun
Assistant Lead Analyst, Production Enhancement Team,
IHiS Member of the SCM Application Team,
Detected unusual query to SCM database on 4 July
2018
IHiS Security Management Department W7 Benjamin Lee Yi
Ren
System Engineer, Security Management Department, IHiS Investigated suspicious activity detected in a PHI 1 Workstation in January
2018, later also investigated the incidents taking place in June/July
2018
W Tan Choon Kiat Ernest Senior Manager, Security Management Department, IHiS
SIRM for SingHealth, was meant to lead and coordinate IT security
incident response W Wee Jia Huo Cluster Information Security Officer for
SingHealth, IHiS Cluster ISO for
SingHealth, was accountable for the actions
of the incident response team 
