Two days after the Ministry of Health's (MOH) bombshell disclosure that data of HIV-positive individuals in Singapore had been leaked online, many questions remain over how this happened, whether the matter has been handled appropriately and if enough has been done to stem the further spread of information that had been obtained illegally.

Key among these questions is why the ministry chose to reveal only on Monday that sensitive data from the HIV Registry involving 14,200 individuals diagnosed with the virus had been compromised, when it appears to have been made aware of breaches on two earlier occasions.