More than 11,000 DBS, Bank of China customers’ information compromised after data attack on vendor

Customer data from two banks here was stolen in a ransomware attack on a printing vendor, though no login information was compromised.

In a joint statement late on April 7, the Cyber Security Agency of Singapore (CSA) and Monetary Authority of Singapore (MAS) said the two banks were DBS Bank and Bank of China, Singapore (BOC).

DBS said the customer statements of around 8,200 customers were potentially compromised, while BOC separately said that the breach affected around 3,000 customers, whose paper letters were printed and distributed by Toppan Next Tech.

Both banks added that their respective systems had not been compromised, and customer monies remained safe. DBS added that there was no evidence of unauthorised transactions resulting from the incident so far.

According to DBS, the affected customers are mainly users of brokerage DBS Vickers and short-term loan service Cashline.

The potentially compromised information came from statements or letters sent to individual customers between December 2024 and February 2025.

Customer data exposed in these statements includes names, postal addresses, as well as details relating to equities held under DBS Vickers and Cashline loans, said DBS, adding that the documents do not contain login credentials, passwords, NRIC details, deposit balances or total wealth holdings.

DBS added that it sends such statements to Toppan in encrypted files, and it is unclear if the hacker had decrypted the files. The bank said it has halted all printing jobs with Toppan and raised surveillance to monitor unusual activity on the potentially impacted accounts.

BOC said that the customer data compromised included names, addresses and, in some cases, loan account numbers.

CSA is assisting Toppan with investigations, while also advising the firm on containment measures. MAS is also in contact with the affected banks on their risk-mitigating measures.

Both banks have placed the relevant accounts on enhanced monitoring, and are contacting affected customers, said CSA and MAS.

Toppan reported the attack to the Personal Data Protection Commission on the evening of April 6, according to the joint statement.

In a separate statement on April 7, Toppan said its Joo Koon Circle site was “the victim of a random ransomware attack to its business operations”.

It added that it “immediately cut off the entry point from which the attacker entered the network” and is monitoring the situation closely.

Toppan has engaged a specialist forensic investigation company to help look into the scope and cause of the incident.

Toppan managing director Chia Yan Heng said: “We deeply regret that this incident has occurred and apologise sincerely for any disruption or concern caused to our clients.

“We are in the process of conducting a security audit on all systems in order to ensure we continue to provide the best possible service to our clients.”

Source: The Straits Times © SPH Media Limited. Permission required for reproduction.

Impractical for doctors to obtain explicit consent for each act in medical procedure: High Court Judge Property tycoon Robert Ng and three children to be designated politically significant persons under Fica