Organisations may receive lower fines if they admit role in data breaches: Privacy watchdog
this is index.phpSINGAPORE – Organisations that expedite the privacy watchdog’s processes by admitting their role in a data breach and pleading guilty to it, may receive a lower financial penalty if the cause is a common breach.
Common breaches include URL manipulation, poor password management, or printing errors resulting in incorrect recipients, the Personal Data Protection Commission (PDPC) said in a statement on Wednesday (May 22).
The commission added that it is aware that even organisations that are well prepared may not eliminate all risk of data breaches. They can now avoid a full investigation by requesting for an undertaking option from the PDPC, in the case of a data breach.
This may be granted if the organisations can prove they had in place “proper accountability practices, monitoring and remediation plans” in the case of a data breach, and if they deliver an undertaking to execute a fully developed and prepared contingency plan to resolve a data breach when it occurs.
The PDPC also has to assess that such an undertaking would achieve similar or better enforcement outcomes, as opposed to a full investigation before granting this option.
These steps are being taken to “bring investigations on clear-cut data breaches to a conclusion quickly”, the commission said.
Under the Personal Data Protection Act, organisations can be given a financial penalty of $1 million for their role in breaches.
The law makes it clear that organisations have an obligation to make reasonable security arrangements to protect the personal data that they possess or control, and to prevent unauthorised access, collection, use, disclosure or similar risks.
The commission on Wednesday also announced the launch of its updated guide which contains, among other things, recommendations of how organisations should handle breaches.
It also includes examples and clarifications to address common queries from organisations, such as policy considerations by the PDPC when deciding to initiate or discontinue an investigation, as well as financial penalty assessment factors.
There are also recommendations for organisations on when to notify the PDPC and individuals of a breach, as well as the timeliness of this notification.
For example, organisations conducting internal investigations and assessments of a potential data breach should take no more than 30 days from when they are aware of a potential breach.
And if more than 500 individuals are affected or if significant harm or impact to the individuals is likely to occur due to a breach, organisations are recommended to notify the PDPC no later than 72 hours from the time they have completed their assessment.
The Straits Times reported last week that the PDPC was investigating a breach of the Singapore Red Cross website which compromised the personal data of more than 4,200 people, including their full names, contact numbers and e-mail addresses.
The PDPC was notified on the day the breach was discovered, but ST understands that the people affected were informed only eight days later, via e-mail and SMS.
Asked why they were not alerted earlier, a spokesman for the Singapore Red Cross said it had first initiated an internal investigation to “ascertain the extent to which our stakeholders could be affected”.
The commission said it had engaged stakeholders in updating the guide, which it will monitor and adjust as necessary.
The recommendations are in line with upcoming plans to implement mandatory breach notification, which the PDPC will introduce in the upcoming review of the Personal Data Protection Act.
The commission urged companies to adopt the recommendations “as this will allow them to respond to data breaches confidently and prepare for the PDPC’s planned introduction of a mandatory breach notification in its upcoming Act Amendment”.
Personal data of more than 4,000 people compromised after Singapore Red Cross hack
this is index.phpSINGAPORE: The personal data of 4,297 people has been compromised after part of the Singapore Red Cross’ (SRC) website was hacked, according to a statement by the organisation on Thursday (May 16).
SRC said its web developer alerted it last Wednesday to an incident of unauthorised access to the part of its website which supports the recruitment of interested blood donors.
Members of the public can indicate their interest in donating blood through the website, and SRC then makes the appointments on their behalf.
“The following information of 4,297 individuals who had registered their interest on the website was compromised: Name, contact number, email, declared blood type, preferred appointment date/time and preferred location for blood donations,” said SRC, adding that no other information was affected.
It said its other databases were not compromised, and the Health Sciences Authority’s (HSA) systems were also unaffected by the incident.
The organisation made a police report the same day. It also reported the incident to the Personal Data Protection Commission and HSA. Police investigations are ongoing, it added.
A weak administrator password could have left the website vulnerable, said SRC, adding that investigations to determine how the incident happened are ongoing.
“There were measures in place to guard against unauthorised access of the website,” it said. “While our investigations to determine the nature of the unauthorised access are ongoing, our preliminary findings show that a weak administrator password could have left the website vulnerable to the unauthorised access.”
It said that it had disconnected the website from Internet access, and replaced it with a temporary webpage with links to relevant websites as a precaution.
The website will only be reinstated when all security checks have been completed, added SRC.
External consultants have been engaged to carry out forensic investigations and determine the “exact factors” that allowed the unauthorised access, it said.
These findings and recommended measures will be reported to the SRC Council (Board) and SRC will take necessary action to strengthen its security measures, together with the advice of the organisation’s IT advisory panel.
“Our immediate priority is to ensure affected individuals and partners are notified, while working with the relevant parties to restore and strengthen our IT systems, safeguard our data, and mitigate any future risks,” said SRC’s secretary-general and chief executive officer Benjamin William.
“SRC has started to contact affected individuals. We apologise to the users of our website whose information may have been affected by this incident.”
A spokesman for the Personal Data Protection Commission said in response to CNA’s queries that it is aware of the incident and is investigating the matter.
SRC’s case is the latest in a string of cybersecurity incidents to have hit healthcare-related systems in Singapore.
In March this year, HSA said that the personal information of more than 800,000 blood donors was left exposed on the Internet for nine weeks after the data was mishandled by its vendor.
In January, the HIV-positive status of 14,200 people – along with confidential information such as their identification numbers and contact details – was leaked online.
In July last year, the Government made public a cyberattack on SingHealth, calling it the “most serious breach of personal data” in Singapore’s history.
The incident saw 1.5 million SingHealth patients’ records accessed and copied, while 160,000 of those had their outpatient dispensed medicines’ records taken. Among those affected was Prime Minister Lee Hsien Loong.
NEA closely monitoring air quality in Singapore after explosion at Johor oil and gas facility
this is index.phpSINGAPORE: The 24-hour PSI levels in Singapore remained in the low-moderate range, the National Environment Agency (NEA) said, after an explosion at the Petronas oil and gas facility in Johor on Friday (Apr 12) left two injured.
The blast at the Pengerang Integrated Complex happened around 1.25am, Petronas confirmed in a statement on Twitter.
It added on Friday afternoon that the fire had occurred at the facility’s Atmospheric Residue Desulphurisation (ARDS) unit, which was currently under the commissioning stage.
“Teams have been set up and are currently working closely with the relevant authorities to investigate the cause of the incident,” Petronas said in their statement.
“We wish to assure members of the public that the situation is under control and there is no health-related risk to this incident.”
The explosion left two Malaysian security guards with minor injuries, emergency services said on Friday morning.
Footage circulating on social media showed a giant ball of fire at the facility, with thick plumes of smoke rising from the blaze.
In response to the incident, NEA said that it was “closely monitoring the situation as well as the air quality in Singapore”.
“The ambient levels of volatile organic compounds (VOCs) along Singapore’s coast remain within safe levels,” it said.
It added that the 24-hour PSI levels in Singapore since 1am on Friday have been in the low-moderate range, while the the 1-hour PM2.5 readings was in the Normal band.
“As of 12pm today, NEA has not received any related local feedback that could be traced to the reported explosion,” the agency said.
“We are in contact with the Department of Environment (Johor) and we will provide updates if there are changes to the situation.”
RESIDENTS FELT STRONG VIBRATIONS
The explosion resulted in strong blast vibrations in the surrounding areas, witnesses said.
Mohd Azizi Mahmun, 24, who lives near the scene, said he felt as though there was a strong “kick” on the door of his house when the incident occurred.
“I was asleep during the incident, and woke up due to the strong vibration,” he said.
“It also set off the alarms (in) the cars in the area. My neighbours and I then came out (of our houses) and saw smoke and fire in the area. People could see the incident as it (the structure which exploded) was near the road.
“But now I think the situation is under control because there have been no instructions for us (residents) to relocate.”
Another witness, Muslim Mustafa, 30, said he also felt strong vibrations after the explosion.
“I was asleep when I heard a loud explosion. The noise caused my door to shake and all the neighbours came out to see what had happened,” said Muslim, who works as a material controller at the project site.
Corporate communications executive Calvin Fong, who lives in Simei, told CNA that he was jolted awake by the noise from the blast.
“I was half asleep when I jolted up due to a loud boom sound. My windows shook as well,” said the 33-year-old.
“My first thought was that it could be really loud thunder. As I couldn’t go back to sleep, I checked the news outlets on my Facebook to see if there were any reports, but there were none.
“However, a friend living in Pasir Ris posted to ask if anyone else heard a loud sound with a shockwave that shook his windows.”
A preliminary report on the incident was expected from Malaysia’s Department of Occupational Safety and Health (DOSH) on Friday afternoon.
The Johor DOSH had already instructed its team to initiate investigations, Deputy Minister Mahfuz Omar said.
Orchard Road smoking ban: Fines for smokers who light up outside ‘yellow boxes’ from Apr 1
this is index.phpSINGAPORE: Smokers who light up outside designated smoking areas in Orchard Road may be fined from Monday (Apr 1), said the National Environment Agency (NEA), following a three-month advisory period where errant smokers were let off with warnings.
The Orchard Road precinct was designated a No Smoking Zone from Jan 1 this year, save for about 50 designated smoking areas – or yellow boxes – where individuals can light up.
A three-month advisory period was implemented after Orchard Road was declared a No Smoking Zone to “give members of the public sufficient time to adjust”, NEA said in a release on Friday.
The advisory period will end on Sunday and enforcement action will be taken against errant smokers from Monday.
Those caught smoking outside the designated smoking areas may face composition fines of S$200, or court fines of up to S$1,000.
NEA said it issued “a high average of 1,900 advisories a day” in the first week of January when the No Smoking Zone first kicked in.
This fell more than 70 per cent to an average of 550 advisories a day in mid-March 2019, it added.
NEA enforcement officers began issuing written, instead of verbal advisories, to errant smokers from Mar 18 and since then, the number of advisories has dropped further to 87 a day, said NEA.
RAISING AWARENESS OF ORCHARD ROAD NO SMOKING ZONE
“NEA has reached out to the management of building premises situated in the No Smoking Zone, to remind them on the commencement of enforcement,” it said in the release.
NEA has asked for their assistance in implementing the measures, such as by replacing bins with ashtrays with those without, and asking smokers to stop smoking when violations are observed within their premises.
Outreach efforts to the general public have also been carried out to remind people that Orchard Road is a No Smoking Zone, including through advertisements at selected MRT stations, signs, posters and brochures.
NEA said it will continue efforts to raise the general awareness of the Orchard Road No Smoking Zone.
“Members of public can expect to see floor stickers at selected locations along the main pedestrian thoroughfare in the No Smoking Zone”, NEA said.
“Electronic posters will also be displayed at the baggage claim areas in Changi Airport terminals, brochures will be made available at Tourist Information racks in Changi Airport arrival halls, and there will be advertisements put up at Changi Airport MRT station,” it added, noting that informational materials will be placed at shops selling tobacco products islandwide.
NO SMOKING ZONE HAS “IMPROVED OVERALL VISITOR EXPERIENCE”: SURVEY
NEA said that a public sentiment survey it conducted on Orchard Road being demarcated a No Smoking Zone showed that more than 80 per cent of respondents “agreed that the amount of second-hand tobacco smoke in the main thoroughfare has reduced, and the overall visitor experience has improved”.
The poll was conducted with 539 respondents between January and mid-March 2019 in Orchard Road.
“Even among the 20 per cent of respondents who are smokers, 82 per cent agreed that the NSZ has reduced second-hand tobacco smoke while 62 per cent agreed that the NSZ improved overall visitor experience,” NEA said.
New guidelines for earthwork contractors aim to reduce telecom cable cuts
this is index.phpSINGAPORE – A set of requirements for contractors who carry out earthworks will take effect on June 1 in a move to reduce incidents of underground telecommunications cables being cut by mistake, the Infocomm Media Development Authority (IMDA) said on Monday (March 18).
The guidelines were developed by the IMDA with the telecom system licensees which operate Singapore’s cable network. Under the new requirements, they will be required to assist contractors before earthworks begin.
For example, joint meetings must be held at the worksite among the licensees, contractors and a licensed telecommunication cable detection worker to ensure there are no discrepancies between the service layout plan, the cable detection worker’s report and worksite conditions.
Licensees and contractors will also be required to inspect trial holes dug together to verify the location of all cables and determine whether diversion works are needed.
Similar procedures already exist but differ in standard among the 22 licensees here. The new framework thus standardises the procedures contractors must follow before starting earthworks, giving more clarity to contractors, the IMDA said.
The new requirements also specify the measures contractors must comply with when telecommunications cables have to be diverted.
There have been 26 cable-cut incidents since February 2016. Most were due to earthworks contractors not following procedures and failing to exercise due diligence, the IMDA said.
A cut fibre-optic cable in Jurong West disrupted Internet and fixed voice services for almost 30 hours in April 2017, the longest such outage to date. A similar incident disrupted Internet services for more than 24 hours for 10,000 customers in the eastern part of Singapore last November.
Under the Telecommunications Act, those found guilty of damaging telecommunications cables while carrying out earthworks can be fined up to $1 million and jailed for up to five years.
Fibre network operators here welcomed the new requirements.
Fibre operator NetLink Trust’s chief operating officer Chye Hoon Pin said: “We are fully supportive of the revised process. The measures will further reduce accidental damage to the critical fibre network infrastructure which can cause unnecessary inconvenience to service providers and their customers.”
Singapore Contractors Association president Kenneth Loo agreed that the increased clarity was a step in the right direction but called for a further streamlining of approval processes.
He added: “No one wants to damage anything on purpose and more clarity is always good. But earthworks are only one stage of any construction project and it would be more productive if there was a one-stop authority that oversees all the requirements and can approve the commencement of works in one go.”
Personal information of more than 800,000 blood donors exposed online by tech vendor: HSA
this is index.phpSINGAPORE: The personal information of 808,201 blood donors in Singapore was left exposed on the Internet for a period of nine weeks from Jan 4, after the data was mishandled by a vendor of the Health Sciences Authority (HSA).
The information, which included names and NRIC numbers, was only secured on Wednesday (Mar 13) after a cybersecurity expert discovered the vulnerability and alerted authorities.
Preliminary investigations by HSA showed that other than the expert who flagged the vulnerability, no other unauthorised person had accessed the database online.
“The expert has confirmed to HSA that he does not intend to disclose the contents of the database,” it said. “HSA is in contact with the expert on deleting the information.”
Explaining the incident on Friday, HSA said the vendor, Secur Solutions Group, had been given a copy of all HSA’s blood donor records for updating, as some donors who had used the self-help kiosks said that their personal information was not up to date.
The tech vendor then placed the information on an unsecured database that was connected to the Internet on Jan 4 this year, and failed to put in place adequate safeguards to prevent unauthorised access, HSA said in a media release.
Information on the database included names, NRIC numbers, gender, number of blood donations, dates of the last three blood donations and, in some cases, blood type, height and weight.
“The database contained no other sensitive, medical or contact information,” said HSA.
The vendor’s decision to put the donor data on an Internet-facing, unsecured database was done without HSA’s knowledge and approval, the agency said.
On Mar 13 at 9.13am, HSA was informed by the Personal Data Protection Commission (PDPC) that a cybersecurity expert had alerted them to the database vulnerability. HSA then contacted Secur Solutions at 9.35am to remove the unsecured database from the Internet, and it was fully secured at 10am, it said.
Preliminary investigations by HSA showed that its centralised blood bank systems were not affected. The agency added that it has made a police report.
HSA CEO Mimi Choong apologised to blood donors over the lapse by its vendor.
“We would like to assure donors that HSA’s centralised blood bank system is not affected,” she said.
“HSA will also step up checks and monitoring of our vendors to ensure the safe and proper use of blood donor information.”
An HSA spokesperson also told Channel NewsAsia it is considering available legal options, including “termination of the vendor’s services”.
This is the fourth IT-related incident to have hit the Health Ministry in the past nine months, including the SingHealth cyberattack last June that saw the health records of 1.5 million Singaporeans stolen.
In a separate media release on Friday, Secur Solutions Group said it is conducting a thorough review of its IT systems.
“The affected server was immediately secured upon notification of the unauthorised access,” said a spokesperson. “We have engaged external cybersecurity professionals, KPMG in Singapore, and initiated a thorough review of our IT systems. We are working closely with HSA and other authorities in continuing investigations.”
Singapore Red Cross CEO Benjamin William said in a press release it is “unfortunate” the personal information of blood donors has been compromised.
“I would like to assure our blood donors that, together with our partner HSA, safeguarding the confidentiality of donor information is our utmost priority,” Mr William said.
Dr Choong made a similar request for blood donors not to stop giving blood.
She said: “I deeply appreciate the 1.84 per cent of our population who are blood donors, and have provided valuable support for the national blood programme through these years.
“We value their contributions and sincerely hope the improper handling of the registration-related information by our vendor does not deter them from continuing their donations.”
Cyber espionage group Whitefly behind SingHealth hack: Symantec
this is index.php Between mid-2017 and mid-2018, Whitefly launched targeted attacks against multiple organisations. Many of these were either based in or had a presence in Singapore, says the IT security vendor.
SINGAPORE: For the first time since last July, when the Government made public the cyberattack on SingHealth, a little-known hacking group has been publicly identified to be behind what is considered the most serious breach of personal data in Singapore’s history.
IT security vendor Symantec released a new study on Wednesday (Mar 6) identifying this attack group, which it dubbed Whitefly.
The group has targeted mostly Singapore organisations or multinational companies with a presence in Singapore since at least 2017, and is primarily interested in “stealing large amounts of sensitive information”, the report added.
Mr Brian Fletcher, director of Government Affairs for Australia-Pacific, Singapore, Japan and Korea, told Channel NewsAsia in a phone interview ahead of the report’s release that the group probably comprise “five to 20-odd people”, is “extremely well resourced” and, as such, is likely to be a “state-sponsored espionage group”.
He however declined to name the nation state behind Whitefly.
“Identifying who or what organisation is directing or funding that activity is not in the scope or focus of what we do,” Mr Fletcher said. “This level of attribution requires the substantial resources, time and access to information that is generally available only to law enforcement or government intelligence agencies.”
The report noted that Whitefly usually attempts to remain within a targeted organisation for long periods of time, often months, in order to steal large volumes of information.
It also uses publicly available tools like Mimikatz – something Mr Fletcher said is a common tool for penetration testers to suss out an organisations’ loopholes – to obtain authentication credentials. These credentials allow Whitefly to compromise more machines, and the tactic is repeated again and again until it gains access to the desired data, it added.
“THESE GUYS ARE REALLY GOOD”
“It is our assessment that it is a state-sponsored espionage group. It means that they are trying to stealthily create a presence on the network and over a long period of time, get access to sensitive information,” Mr Fletcher said of Symantec’s ongoing research.
“Exactly what they are using (the data) for really depends on who their sponsor is and how they are planning to operate.”
The way Whitefly operates on the network, the things it is after and the amounts of data point to an espionage group rather than a criminal group trying to steal data for profit, he added.
“They’re not your everyday smash-and-grab group; these guys are really good. They’re using custom tools, a combination of custom tools, commercial hacking tools … it’s not something you’d see in your everyday criminal group,” said the Symantec executive.
These findings appear to corroborate what Minister for Communications and Information S Iswaran said last August in his ministerial statement, when he called the attack the work of an advanced persistent threat (APT) group that is usually state-linked.
He also said the SingHealth cyber attacker had used advanced and sophisticated tools, including customised malware that was able to evade the healthcare provider’s antivirus software and security tools. Once they got into the system, they took steps to remain in the system undetected before stealing patients’ information, including that of Prime Minister Lee Hsien Loong.
WHITEFLY PART OF A BIGGER GROUP?
The report said SingHealth was not the only Singapore-based entity Whitefly attacked as well.
Symantec said the suspected espionage group has attacked organisations in the healthcare, media, telecommunications and engineering sectors here, and Mr Fletcher said the victims numbered “less than 10”.
The report said Whitefly launched targeted attacks against these organisations from mid-2017 to mid-2018. Mr Fletcher declined to share how many of these attacks were successful, other than to say it was a mixed bag with one obvious success in SingHealth.
He also had “no knowledge” as to whether the sensitive information stolen, and specifically information from the SingHealth breach, has been published online or not.
The executive cautioned against thinking Whitefly has stopped its espionage activities since 2018, Rather, they are likely to have “changed their tooling” in terms of how they attack companies, especially after a high-profile incident like that of SingHealth threw a spotlight on its methods, Mr Fletcher said.
The report also said some of the tools that Whitefly used in its attacks have also been deployed in other targeted attacks outside Singapore. For example, between May 2017 and December 2018, a multi-purpose command tool was used by the group in attacks against “defence, telecoms and energy targets in Southeast Asia and Russia”.
“The tool appears to be custom-built and, aside from its use by Whitefly, these were the only other attacks where Symantec has observed its use.”
The cybersecurity company said it is possible Whitefly performed these attacks, but it’s more likely that they were carried out by one or more other groups with access to the same tools. This means Whitefly could be just one group in a wider group tasked with carrying out an intelligence-gathering operation, it added.
Asked for comment on the report by Channel NewsAsia, the Cyber Security Agency of Singapore said it had no comment on the report and its contents “given that this was an independent investigation report by a commercial entity”.
Source: https://www.channelnewsasia.com/news/singapore/singhealth-hack-whitefly-cyber-espionage-group-symantec-11317330
Hotspot in Johor could bring ‘slightly hazy’ conditions to Singapore: NEA
this is index.phpSINGAPORE: A hotspot in southern Johor could bring “slightly hazy” conditions to Singapore if the winds change, said the National Environment Agency (NEA) on Monday (Feb 25).
The hotspot was detected about 30km to the east of Singapore, NEA said.
“Prevailing winds over Singapore have been blowing from the northeast, but a change in the wind direction could bring slightly hazy conditions to Singapore,” it added.
NEA was responding to Channel NewsAsia’s queries about a burning smell across Singapore.
Over the weekend, residents reported a smoky or hazy smell in areas such as Bedok, Pasir Ris, Woodlands, Choa Chu Kang, Bukit Panjang, Sengkang, Bishan and Thomson.
On Monday, NEA said it received feedback on a burning smell in the eastern part of Singapore between 9pm on Sunday and 11am on Monday.
During this period, the pollution standards index (PSI) in the east was 52 to 55, which is in the moderate range. The one-hour PM2.5 readings were in the normal range, said the agency.
“We are closely monitoring the air quality,” said NEA.
“Members of the public, including the elderly, children and those with lung/heart diseases, can continue with normal activities.”
The latest reports come about three weeks after residents in the eastern part of Singapore complained in early February about a smoky smell in the air. NEA attributed that incident to a fire at a landfill at Bandar Tenggara in Johor.
In a separate incident in mid-February, NEA said reports of a burning smell detected in the northeast of Singapore were likely related to a separate fire at Tanjong Langsat landfill in Pasir Gudang.
To keep HDB lifts working, they risk their safety time and again
this is index.phpThese lift technicians are exposed to occupational hazards like falls and electric shocks to ensure that residents have smooth and safe rides, as On The Red Dot discovers.
SINGAPORE: Few people are aware of just how great the risks are for a lift technician. One could fall down the lift shaft, get electrocuted by high-voltage wires or even be pinned under the lift while working on it.
Last month, a worker was killed during lift upgrading works in a public housing block. In 2017, a technician died after a lift pinned him to the top of the shaft.
In 2016, there were at least 10 lift incidents, including instances of injuries to passengers and the death of one.
That is why lift technicians like Mr Mohammad Hazri Ghazali place great emphasis on their safety on the job, and also ensure that they do a good job of maintaining the lifts for residents.
“There are a lot of wires down here,” cautioned the 38-year-old as he pointed to a spot inside a lift shaft.
“If I step on an oily (patch), I may slip and fall. From 30 storeys … I think your body would be smashed, right?”
The risks are amplified when he is activated to attend to faulty lifts at night. He said: “At night, when you’re alone, if you faint or get electrocuted … (or) trip and fall – if anything happens to you – nobody would know.”
WORKING AT HEIGHT
There are about 67,000 lifts (as at July) and some 2,100 lift technicians in Singapore. This works out to around one technician for every 32 lifts.
Up to 1,000 more technicians, however, will potentially be needed in the coming years, National Trades Union Congress assistant secretary-general Melvin Yong said in September. But many people are put off by the dangerous and dirty nature of the work.
And until the industry’s progressive wage model kicks in, some others prefer a better-paying job than the basic starting wage of S$1,300 to S$1,850 for assistant lift specialists.
In Mr Hazri’s case, he started off doing electrical and mechanical work after his National Service, before joining the lift industry as a serviceman 15 years ago.
His duties included maintenance work, changing spare parts, making oiling adjustments and doing minor repairs.
However, he had one big phobia he needed to confront: His fear of heights. To service the equipment, he sometimes had to go up the lift car, located as high as 40 storeys.
He recalled his first time perched atop a lift: His legs were shaking as he peered down. “I was totally scared of heights,” he admitted.
Even now, looking down the lift shaft unnerves him a little “because if I fall … that would be the end of me”.
“That’s why I’m living on the second floor. My wife also has this fear of heights – she agreed that we should stay on a lower floor,” said the father of two.
But he has become braver over time, especially after undergoing safety courses. “It’s not true (that if you’re) afraid of heights, you can’t work as a lift technician,” he added.
“How I overcame my fear was by not thinking about it … Just concentrate on what you’re going to do to troubleshoot. Just try not to look down and think that ‘if I fall down, what’ll happen to me?’”
400-VOLT ELECTRIC SHOCK
Apart from the hazards of working at height, lift technicians risk getting injured by sharp parts and getting electrocuted, especially in the motor room, usually located above the lift shaft on the rooftops of Housing and Development Board blocks.
“The wires are quite high-voltage (and) can kill you,” said Mr Hazri, who has an ex-colleague who suffered concussion from a 400-volt electric shock.
“I advise all the technicians … not to touch (the high-voltage wires). Just use your test pen … to see whether there’s a live (wire) or not. To be safe, switch off the mains.”
When he uses the cat ladder to access the motor room, he makes sure that he maintains three points of contact, which means two hands and one foot, or two feet and one hand, on the ladder at all times.
And he wears personal protective equipment, such as a helmet, protective clothing and a safety harness, whenever he is working.
Another technician, Mr Vellavan Krishnan, said the heat takes a toll on them sometimes. “There’s no fan nor even lights in the hoistway,” he said.
“(If) it’s a very hot day and very humid inside … you may get heatstroke, faint or something. The chances of an accident are very high.”
For Mr Hazri’s part, he is especially cautious when working late at night, as there is often no one to keep a lookout for him. “Late at night, doing calls isn’t as simple as in the day,” he said.
“In the day, everyone is around. You shout, people can hear.”
TAKING A TOLL ON FAMILY
Now as a call-back technician attending to lift breakdowns and faults – instead of servicing equipment – he is frequently on standby duty. This means he could be activated at odd hours.
“I sleep, on average, for about five to six hours. But if I’m on standby, I’d get two hours of sleep, attend to the call and after that (get) another two hours of sleep, then go to work,” he said.
The irregular hours are affecting his family. His wife, Ms Noor Azlen Husin, is often alone at home as she takes care of their newborn son and six-year-old boy, who misses his father when he is not around.
And it can get frustrating for the couple. “My wife keeps calling me and asking where I am and (whether) I’ve eaten or not. When you’re focusing on doing something, you don’t want anybody to call,” said Mr Hazri.
When he returns home late, he sometimes finds them awake, waiting for him and worried about his safety.
It has not been an easy time for Ms Azlen, who also gets “a bit frustrated” when he does not answer her calls or text messages.
“After I gave birth, he said that he’s got a lot of standby (duties) and has to stay late because of a lot of lift upgrading. So I struggled a bit with my babies,” she said.
“I can’t say no. I understand his job scope, so I have to be more understanding.”
But she has wondered what he does at work, as his uniform is often stained. “He said he just repairs the lift, but I didn’t know that he has to climb (to the rooftop),” she added.
“I feel a bit sad because he has to work so hard.”
Mr Hazri hopes his wife will now understand what his job entails. “Maybe she can see that I’m working from a great height, so maybe she won’t call me every time,” he said.
STILL ENJOYING THE JOB
Quite apart from his wife, he has to manage residents who are annoyed when their lifts break down. He feels that some of them do not appreciate the efforts of lift technicians.
“They said new lifts have also broken down. But we can’t assume that new things won’t break down. We just tell them that we’ll try our best to solve the problem,” he said.
Since a spate of lift accidents in 2015 and 2016, the authorities have stepped up maintenance and safety enhancements.
For example, in Taman Jurong in 2015, an elderly woman’s hand was severed after it got trapped between lift doors while she was trying to get her dog to enter.
The next year, an elderly man using a motorised wheelchair died after toppling over backwards when a lift in Pasir Ris stopped above ground level.
The challenges are great, but Mr Hazri enjoys the troubleshooting aspect of his job where he gets to learn more about lift maintenance.
“I feel satisfied after I troubleshoot a lift,” he said. “I’d share (the details) among my group (of colleagues), so the next time they attend to this kind of case, they’d have a rough idea (of what to do).”
He even has a circuit board at home, which he relies on during his days off to help his colleagues who face difficulties on site.
He hopes to pass his skills and knowledge to a new generation but reckons that lift technicians like him are a dying breed, their jobs to be replaced by robots in future.
In fact, Surbana Jurong, which monitors about 25,000 lifts in Singapore, has been looking at artificial intelligence to mitigate the manpower shortage.
“Maybe in future … robots can detect the fault, then the technicians come and (rectify it),” said Mr Hazri. “So I hope that the electronics can (take) the lift industry to a higher standard.”
41 people died in 2018 after suffering injuries in the workplace: MOM
this is index.php21 Feb 2019 06:20PM
SINGAPORE: Forty-one people suffered fatal injuries while at work in 2018, while the overall number of workplace injuries rose last year, according to the Ministry of Manpower‘s (MOM) Workplace Safety and Health Report released on Thursday (Feb 21).
A workplace injury is a personal injury or death resulting from a workplace accident, and includes work-related traffic injuries.
Last year, 41 people died after getting injured in the workplace. That is one lower than the previous year, the report said.
The overall number of workplace injuries rose from 12,498 cases in 2017 to 12,810 cases in 2018, an increase of about 2.5 per cent.
Both major and minor workplace injury cases increased last year, with 596 workers sustaining major injuries, compared to 574 cases the previous year. Workplace minor injuries also saw an increase in 2018, from 11,882 the year before to 12,173 cases.
Minister of State for Manpower Zaqy Mohamad said the rise in workplace injuries was a “cause for concern”.
MOST DEATHS IN CONSTRUCTION
The overall workplace injury rate – which takes into account the total number of fatal and non-fatal workplace injuries divided by the total number of employed people – rose from 369 per 100,000 employed persons in 2017 to 373 per 100,000 employed persons in 2018.
Falls from height, slips, trips and falls, and vehicular-related incidents remained the top causes of fatal injuries in 2018, although the number of vehicular-related fatal incidents halved in 2018 compared to 2017.
Construction remained the industry with the highest number of fatalities.
Falls from height overtook vehicular-related incidents as the leading cause of fatal injuries in 2018, with the latter seeing a halving of cases last year.
Authorities in a press release cited the “pronounced increase” in major injuries from slips, trips, and falls – seen across a variety of industries, including traditionally low-risk ones – as an area of concern.
As for occupational diseases, these decreased by 30 per cent last year compared to the year before.
Work-related musculoskeletal disorders, noise-induced deafness and occupational skin diseases have remained the top three occupational diseases since 2016, and MOM said it would continue to focus prevention efforts in these areas.
Last year saw a number of workplace injury cases make the news, including that of a 48-year-old construction worker who died after falling from a raised platform at the Lentor MRT station worksite.
Similarly, a foreign worker died after he fell from a building at a Housing and Development Board worksite along Canberra Street.
An SMRT employee was injured while carrying out maintence work near Joo Koon MRT station last December. The employee suffered foot injuries and was taken to hospital.