Monday, 1 September 2025
28.3 C
Singapore
37.4 C
Thailand
24.3 C
Indonesia
25.8 C
Philippines

DBS and Bank of China customer data exposed after ransomware attack on printing vendor

Over 11,000 DBS and Bank of China customers in Singapore had data exposed in a ransomware attack on a third-party printing vendor.

More than 11,000 banking customers in Singapore have exposed their personal data after a ransomware attack hit a printing vendor working with DBS Bank and Bank of China (Singapore). While your login information and banking credentials were not compromised, the incident has raised concerns over data privacy and vendor security.

According to a joint statement from the Cyber Security Agency of Singapore (CSA) and the Monetary Authority of Singapore (MAS) on April 7, the attack targeted Toppan Next Tech, a third-party vendor used by both banks to print and send physical letters to customers.

What happened, and who is affected?

The attack affected approximately 8,200 DBS customers and around 3,000 Bank of China customers. The stolen information came from printed customer statements and letters sent between December 2024 and February 2025. DBS’s affected customers are mainly those using the brokerage service DBS Vickers or the Cashline short-term loan facility.

The type of data exposed includes your name, mailing address, and information related to your investments or loan details. However, DBS confirmed that sensitive information like passwords, login credentials, National Registration Identity Card (NRIC) numbers, deposit balances, or total wealth holdings was not part of the breach.

Bank of China reported that the data may include names, addresses, and loan account numbers in some instances. Like DBS, they stressed that your funds and bank systems remain safe and unaffected.

Vendor breach and bank response

The printing company Toppan Next Tech was the entry point for the attackers. Toppan confirmed in a separate statement that its site at Joo Koon Circle was the target of a random ransomware attack affecting its business operations. The firm said it quickly cut off the hacker’s access point and has since been monitoring the situation closely.

Toppan also engaged a professional forensic investigation company to examine the scale and cause of the breach. Its managing director, Chia Yan Heng, expressed regret over the incident and apologised for the concern it caused the clients. He said the company is currently conducting a security audit of all systems to ensure the highest data protection standards in the future.

In response to the breach, DBS stated that customer documents were sent to Toppan as encrypted files. It is still unclear if the attackers managed to decrypt these files. The bank has since stopped all printing activities with Toppan and raised its monitoring of affected accounts to detect any unusual activity. Affected customers are also being contacted directly.

Authorities and banks taking extra precautions

The CSA and MAS have said they are actively investigating the breach. CSA is helping Toppan manage containment efforts and is working closely with the vendor. MAS is keeping in contact with the banks to ensure that proper security steps are being taken.

Additionally, both DBS and Bank of China have placed the affected accounts under enhanced monitoring and have begun reaching out to those whose data was exposed. Toppan reported the incident to the Personal Data Protection Commission (PDPC) on the evening of April 6.

While your money remains secure, the incident reminds us of the risks that can come from third-party service providers. If you are a bank customer and receive printed statements or letters, you should be extra cautious and stay alert to any unusual activity or mail.

Hot this week

OpenLight raises US$34 million to scale photonics for AI data centres

OpenLight secures US$34M Series A to scale integrated photonics for AI data centres, expanding its PDK and accelerating product innovation.

Windows 11 introduces LE Audio for better Bluetooth sound quality

Microsoft introduces LE Audio in Windows 11 to deliver clearer Bluetooth sound for gaming, calls, and Teams with wider device support.

Double Fine’s Keeper introduces a charming new puzzle adventure

Double Fine’s Keeper is a puzzle adventure featuring a walking lighthouse and a bird companion, launching on 17 October on Xbox and PC.

ASUS unveils TUF Gaming BE9400 WiFi 7 router in Singapore

ASUS launches the TUF Gaming BE9400 WiFi 7 router in Singapore with tri-band speeds, gaming optimisation, and advanced security.

Yooka-Replaylee remaster launches on consoles and PC on 9 October

Yooka-Replaylee launches on 9 October with digital and physical editions, Switch 2 full cartridge, enhancements, and a 30% upgrade discount.

Volvo unveils new XC70 plug-in hybrid with 124-mile electric range

Volvo unveils the XC70 plug-in hybrid, boasting a 124-mile electric range that offers long-distance capability and flexibility for everyday driving.

Escape from Tarkov set to launch on Steam as full release approaches

Escape from Tarkov will launch on Steam ahead of its 1.0 release in November 2025, following years of beta testing and controversy.

Genshin Impact introduces the new Nod-Krai region in Version Luna I update launching 10 September

Genshin Impact Version Luna I launches on 10 September, adding Nod-Krai, new characters, mechanics and rewards to mark its fifth anniversary.

Shoppers face conflicting advice from ChatGPT and Google’s AI tools

A study reveals that ChatGPT and Google AI frequently disagree on brand recommendations, with notable differences in transparency and citation levels.

Related Articles

Popular Categories