Skip to main content

DBS & Bank of China Data Compromised in Third-Party Cyber Attack

 



On April 6, 2025, a ransomware attack targeting a third-party printing vendor, Toppan Next Tech (TNT), led to a breach involving customer information from DBS Bank and Bank of China’s Singapore branch. The incident was reported to the Personal Data Protection Commission (PDPC) by TNT, and both the Cyber Security Agency of Singapore (CSA) and the Monetary Authority of Singapore (MAS) released a joint statement the following day.

TNT’s systems were compromised, resulting in customer data from the two banks being extracted by an unidentified threat actor. However, login credentials such as usernames, passwords, and digital tokens were not accessed during the breach.

DBS Bank was notified of the incident at around 10:20 pm on April 5, 2025. According to preliminary investigations, the information potentially compromised includes customer letters and account statements relating to approximately 8,200 individuals. Most of the affected documents are tied to DBS Vickers accounts, while the rest involve Cashline loan account holders.

The bank clarified that these documents were encrypted before being transmitted to TNT for printing. It is still unknown whether the attackers were able to decrypt the files. Nonetheless, as a precautionary measure, DBS has suspended all ongoing and future printing jobs with TNT.

The affected statements and letters were dated between December 2024 and February 2025. Information in the documents may include names, mailing addresses, and details of investment holdings and loan accounts. Importantly, they do not contain sensitive information such as login credentials, NRIC numbers, account balances, or overall wealth summaries.

In response to the incident, DBS Singapore Country Head Lim Him Chuan stated that safeguarding customer information is of utmost importance. He expressed regret over the distress caused by the breach and assured that additional surveillance measures are in place to monitor suspicious activity linked to the affected accounts.

Impacted customers who have registered their email addresses with the bank will be notified via email by Tuesday. Those without email registration will receive physical letters. DBS is also advising customers to remain vigilant against potential scams, including phishing attempts via SMS and email. The bank reminded customers never to share banking credentials, OTPs, or click on suspicious links and QR codes.

CSA has been assisting TNT with the investigation and implementing containment measures. MAS has been closely coordinating with both affected banks to ensure appropriate risk mitigation and prompt customer outreach.

Authorities have stressed the importance of strengthening cyber defenses, particularly against the rising threat of ransomware. Organisations are urged to follow CSA advisories on cybersecurity best practices.

To further protect themselves, DBS customers are encouraged to activate the bank’s “Safety Switch” to temporarily block access to their funds in case of suspicious activity. Suspected scam victims should immediately report incidents to the DBS fraud hotline at 1800-339-6963 (or +65 6339-6963 from overseas) and file a report with the Singapore Police Force.

While the breach did not originate from DBS’ internal systems, the incident highlights the vulnerabilities associated with outsourcing services to external vendors and the growing need for secure data transmission practices.


Labels

Labels:
Location: Singapore

Comments

Post a Comment

Popular posts from this blog

New Punggol Northshore BTO Plagued by Water Seepage and Electrical Hazards

  ***Update: HDB, Maincon and Consultant has came down to the unit to check. Will update on status once we have more information. A Punggol Northshore BTO homeowner, who moved into his newly renovated flat in July 2024, has voiced frustration over severe water leakage issues that have left his unit unsafe and unlivable. Water has been observed seeping from an electrical powerpoint, with puddles forming on the floor and walls showing bubbling and signs of damage from moisture. The source of the leak appears to be an external wall adjacent to the master bedroom, according to assessments by the main contractor. However, the leakage has already caused significant damage to the flat's walls and paintwork, leaving the homeowner distressed. Adding to the frustration, the main contractor advised the homeowner to avoid using the affected power switches in the living room and bedroom due to the risk of a short circuit. Despite the warning, the homeowner has no choice but to turn on the light...
Post a Comment
Read more

The Gateway to Singapore’s Digital Future, Punggol Coast MRT Station Opens Today!

  The Punggol Coast MRT station, the 17th station on the North East Line (NEL), officially opened on December 10, 2024. Located in the heart of the Punggol Digital District (PDD), it extends the NEL’s total length to 22 km and enhances accessibility for over 200,000 households within a 10-minute walk of an NEL station. Senior Minister Teo Chee Hean, speaking at the launch, emphasized the station's role in transforming Punggol Town into a vibrant, connected, and sustainable hub. Travel time for Punggol North residents to Outram Park is now reduced to 45 minutes, down from 60 minutes. Transport Minister Chee Hong Tat highlighted the foresight in planning Singapore’s transport infrastructure, such as provisions made two decades ago for the Cross Island Line interchange at Punggol MRT station. This long-term approach underscores Singapore’s commitment to future generations. The station integrates seamlessly with PDD, a 50-hectare smart and sustainable district focusing on digital indus...
Post a Comment
Read more

Crackdown on Illegal Ride-Hailing with 4 Drivers Caught in LTA Operation

  In a recent operation conducted by the Land Transport Authority (LTA) of Singapore, four drivers were caught and had their vehicles impounded for providing illegal ride-hailing services. These unauthorized services operated both within Singapore and across the border to Malaysia, posing significant risks to passengers. The LTA has issued a stern warning to the public, advising against using such illegal services due to the lack of proper licensing and insurance, which can leave passengers vulnerable in the event of accidents. The operation underscores LTA’s commitment to ensuring the safety and regulation of ride-hailing services in Singapore. Drivers caught offering illegal ride-hailing services without a valid Public Service Vehicle (PSV) Licence face severe penalties, including fines of up to $3,000, imprisonment for up to six months, or both. These measures are in place to deter unlicensed operators and protect passengers from potential harm. Illegal ride-hailing services oft...
1 comment
Read more