Public systems are meant to benefit the public and help them in certain ways. However, there will always be people who will find and exploit the loopholes those systems offer.
A 28-year-old Malaysian was recently charged for abusing Singapore’s Health Promotion Board (HPB) Loyalty Programme. The perpetrator, Ong Lee Boon, faces three charges which include cheating by personation and computer abuse. Currently, he has been sentenced to 18 months in prison, which will begin on 12th October.
Singapore’s Health Promotion Board was set up to encourage people to cultivate healthy lifestyles. Using their Loyalty Programme, Singaporeans would be rewarded for completing qualifying activities on their HealthHub platform. With the points earned, members could redeem rewards which include TransitLink fare credits and supermarket vouchers.
When Ong first used the system in 2018, he discovered how beneficial it was. Using his Foreign Identification Number (FIN), he set up an account on the platform and successfully earned points. He then used the points to redeem rewards. When he later obtained permanent residency in Singapore, Ong used his ID card to set up a new account on the platform. To his surprise, the system registered the account.
Ong saw that the system could be exploited and took advantage of it. With a lot of testing, he discovered that an account would still be registered although the ID number and name did not match. He planned to make multiple “ghost accounts” to earn more points. Using a software, he generated random ID numbers and matched them with names he took from his workplace’s customer database or names he made up himself.
Between 26th September 2018 and 14th April 2019, he had a total of 1,213 fake accounts. Ong also registered multiple email addresses and purchased nearly 500 SIM cards to hide his tracks. He used an Excel spreadsheet to keep track of all his accounts and used another software to quickly and automatically answer quizzes to earn points.
With his fake accounts, Ong redeemed a total of S$29,000 from travel expenses and shopping vouchers. Some of the vouchers were sold for S$17,230. Ong claimed he’d given the money to his sister in Malaysia for renovation-related expenses. Although Ong put a lot of forethought and planning into his scheme, he was eventually caught. On 18th March 2019, Mr. Ho Juan San, the chief of the HealthHub app, lodged a police report about suspicious activity on the platform.
On 17th April 2019, Ong was arrested. Since then, he has made full restitution to HPB. His lawyer explained that Ong’s brother in-law had gambling debts while his family was facing credit card debt. Apparently, Ong had decided to use the HPB Loyalty Programme loophole to solve his family’s financial problems. Ong’s lawyer claims he is genuinely remorseful.
Initially, Ong was to be sentenced to jail for at least 20 months. His actions had undermined the public’s confidence in the network. However, Ong’s lawyer argued that his defendant had come clean to his company and was still hired by them.
Additionally, the judge observed that Ong’s operation involved “substantial planning and premeditation”. However, they also acknowledged he had repaid his gains in full. With these facts in mind, Ong was given a lighter sentence. Normally, offenders convicted of cheating by personation can either be jailed for up to five years, fined or both.