SINGAPORE: A ransomware attack on a printing vendor has led to the extraction of customer information from DBS and Bank of China, Singapore.
The attack was reported by Toppan Next Tech (TNT) to the Personal Data Protection Commission on Sunday evening (Apr 6), the Cyber Security Agency of Singapore (CSA) and the Monetary Authority of Singapore (MAS) said on Monday.
“The attack has led to customer information from DBS Bank and Bank of China Limited, Singapore branch, being extracted by the threat actor. No customer log-in information has been compromised,” said the authorities.
DBS said that it was informed by TNT of the incident at about 10.20pm on Saturday.
“Based on preliminary investigations, customer statements/letters of about 8,200 DBS customers have been potentially compromised. The majority of these statements/letters relate to DBS Vickers accounts.
“The remainder is made up of mainly Cashline loan accounts. Investigations into the incident are ongoing,” said DBS, adding that its systems were not compromised.
“Customers’ deposits and monies remain safe. So far, there is also no evidence of any unauthorised DBS transactions resulting from the incident.”
The bank said TNT’s preliminary review indicated that the potentially compromised statements and letters were those largely sent to individual customers. They were dated December 2024, January 2025 and February 2025.
DBS said that it sends customer statements and letters to TNT for printing in encrypted files.
“As investigations are still ongoing, it is not known if the threat actor was able to decrypt the files.
“Customer data in the statements/letters that could have potentially been compromised include first and last name, postal address, as well as details relating to equities held under DBS Vickers and Cashline loans,” it said, noting that the documents do not contain login credentials, passwords, NRIC details, deposit balances or total wealth holdings.
While the incident did not occur within DBS’ systems, the bank said it takes the matter seriously and is contacting potentially affected customers.
