SINGAPORE – A recent ransomware attack targeting printing vendor Toppan Next Tech has raised concerns over customer data security at two major banks, DBS Bank and Bank of China, Singapore. The Cyber Security Agency of Singapore (CSA) and the Monetary Authority of Singapore (MAS) confirmed the breach, although no sensitive login information was compromised.
Details of the Breach
According to the banks, approximately 8,200 DBS customers and 3,000 Bank of China customers were potentially affected. The data compromised primarily includes customer names, postal addresses, and details regarding accounts but excludes login credentials or financial balances.
- DBS Bank: Statements related to DBS Vickers accounts and short-term loan service Cashline were impacted. The potentially compromised documents were dated between December 2024 and February 2025.
- Bank of China: Similar information was revealed, with names, addresses, and some loan account numbers being the only details disclosed.
Response and Mitigation Measures
In response to the incident, DBS Bank has immediately halted all printing jobs with Toppan and has increased surveillance to monitor unusual account activity. Meanwhile, Bank of China is also reaching out to affected customers to reassure them of their account safety.
Both banks emphasized that customer funds remain secure and there have been no reported unauthorized transactions related to this incident. CSA and MAS are actively assisting Toppan with investigations and advising on containment measures.
Investigation Ongoing
Toppan reported the ransomware attack to the Personal Data Protection Commission and is closely monitoring the situation while engaging forensic experts to investigate further. Chia Yan Heng, the Managing Director of Toppan, expressed regret for the incident and stated that a security audit is underway.
As ransomware attacks become increasingly frequent, authorities are urging organisations to adopt stronger preventative measures, referencing guidance available from CSA.