Ransomware attack on vendor exposes DBS, BOC Singapore customer data

A ransomware onslaught connected Toppan Next Tech (TNT), a printing vendor, has perchance exposed idiosyncratic information of astir 11,200 customers from DBS Bank and Bank of China's (BOC) Singapore branch.

Preliminary investigations suggest that lawsuit statements and letters were compromised during the breach.

DBS Bank has disclosed that the ransomware onslaught whitethorn person affected lawsuit statements and letters of astir 8,200 customers.

The slope emphasised that determination has been nary grounds of unauthorised transactions stemming from the incident, with the breach chiefly affecting brokerage DBS Vickers and indebtedness work Cashline.

On the different hand, BOC Singapore has reported that astir 3,000 customers mightiness person been impacted by the information breach, involving insubstantial letters printed and distributed by Toppan.

Both DBS and BOC assured that their interior systems stay unafraid and lawsuit deposits are safe.

TNT's archetypal reappraisal suggests that the perchance compromised documents were chiefly sent to idiosyncratic customers, with dates spanning December 2024 to February 2025. It remains uncertain if the cybercriminals were capable to decrypt the encrypted files sent by DBS for printing.

The accusation astatine hazard includes customers' names, postal addresses, and details of equities held with DBS Vickers, arsenic good arsenic Cashline indebtedness information.

However, delicate details specified arsenic login credentials, passwords, and nationalist recognition numbers were not contained successful the affected documents.

Following the breach, DBS has ceased each printing operations with Toppan and has accrued surveillance to observe immoderate antithetic relationship activities.

BOC highlighted that the information breach included lawsuit names, addresses, and successful immoderate instances, indebtedness relationship numbers, but did not compromise transaction banking accusation oregon login details.

Toppan informed the Personal Data Protection Commission astir the onslaught connected 6 April, stated the Cyber Security Agency of Singapore (CSA) and the Monetary Authority of Singapore (MAS).

CSA is assisting Toppan with the probe and containment measures, portion MAS is intimately moving with the affected banks connected their hazard simplification strategies.

The banks progressive person initiated enhanced monitoring of the applicable accounts and are proactively reaching retired to the affected customers.

Toppan described the incidental arsenic a "random ransomware attack" connected its Joo Koon Circle tract and said it has “immediately chopped disconnected the introduction constituent from which the attacker entered the network”.

The institution is besides moving with a specializer forensic probe steadfast to find the scope and origin of the attack.