[SINGAPORE] About 8,200 customers of DBS Bank – as well as 3,000 from the Bank of China’s Singapore branch – have had their customer information compromised after a printing vendor was hit by a ransomware attack.
On Monday (Apr 7) night, DBS Bank said it was informed by Toppan Next Tech (TNT), one of its vendors for the printing of customer statements and letters, on Apr 5 at 10.21 pm that it had been a victim of a ransomware attack.
The majority of the compromised statements and letters relate to accounts under the bank’s brokerage arm, DBS Vickers. The remaining statements mainly consist of Cashline loan accounts.
The bank said that customer data in the statements and letters that could have potentially been compromised include first and last name, postal address, as well as details relating to equities held under DBS Vickers and Cashline loans.
It noted that the statements and letters do not contain log-in credentials, passwords, NRIC details, deposit balances or total wealth holdings.
Bank of China’s Singapore branch said about 3,000 of its customers whose paper letters were printed and distributed by TNT were affected by the incident.
BT in your inbox
Start and end each day with the latest news stories and analyses delivered straight to your inbox.
Data exposed included customer names and addresses and in some cases, the loan account numbers, it said. No transaction banking information or credentials such as customer log-in information were compromised, with accounts remaining “secure and fully operational”.
Both DBS and Bank of China said its internal systems were not compromised by the ransomware attack and that customers’ deposit and monies “remain safe”. There is no evidence of any unauthorised DBS transactions resulting from the incident so far, added DBS.
In a separate joint statement released on Monday night, the Cyber Security Agency of Singapore (CSA) and the Monetary Authority of Singapore (MAS) said they were aware of a ransomware attack reported by TNT to the Personal Data Protection Commission on the evening of Apr 6.
“The attack has led to customer information from DBS Bank and Bank of China Limited, Singapore branch, being extracted by the threat actor,” both agencies said.
Based on a preliminary review by TNT, DBS said the potentially compromised statements and letters were those largely sent to individual customers dated December 2024, January 2025 and February 2025.
The bank sends customer statements and letters to TNT for printing in encrypted files. It added that it is unknown if the threat actor was able to decrypt these files as investigations are still ongoing.
“While the incident did not occur within DBS’ systems, the bank takes the matter very seriously,” it said.
The bank will be contacting potentially affected customers “as a matter of priority”, with impacted customers who have registered their e-mail address with the bank to be informed by Tuesday.
Should the bank not have the customer’s e-mail details, it will inform these individuals through physical mail sent directly from the bank on Tuesday.
Lim Him Chuan, country head of DBS Singapore, said: “The confidentiality of our customers’ personal information is of paramount importance to us, and we understand the seriousness of the situation.”
Upon being notified of the incident, the bank immediately halted all printing jobs with TNT to protect its customers, he said. It also ramped up surveillance to monitor any suspicious or unusual activity on potentially impacted accounts.
CSA said it was aiding TNT in its investigations and advising on containment measures. Meanwhile, MAS said it is closely engaging affected banks on their risk mitigating measures and follow-up with customers.
“The impacted banks have placed the relevant accounts on enhanced monitoring, and are contacting affected customers as a matter of priority,” both agencies added.
CSA noted that ransomware threats are increasing in frequency and sophistication, and advised organisations to refer to its advisory for ransomware prevention and mitigation measures.
Shares of DBS closed at S$39.28, down S$4.02 or 9.3 per cent on Monday, before the announcement.
