Image credit: Unsplash
Data on customers from two Singapore banks, DBS Bank and the Bank of China’s Singapore branch, has been compromised after a ransomware attack on a printing services firm used by both, the banks said.
They said their own systems had not been compromised and that customer monies remained safe.
DBS said the customer statements of about 8,200 customers had potentially been affected, while BoC said the attack had affected around 3,000 customers.
Those involved were customers whose statements or letters were printed and distributed by Toppan Next Tech, the banks said.
DBS said there was no evidence of unauthorised transactions resulting from the incident so far.
It said the customers affected were mostly users of brokerage DBS Vickers and short-term loan service Cashline.
The potentially compromised information was found on statements or letters sent to customers between December 2024 and February 2025.
The data included names, postal addresses and information relating to equities held under DBS Vickers and Cashline loans, but no login credentials, passwords deposit balances or total holdings.
The bank said statements are sent to Toppan as encrypted files and it was unclear whether the attackers had decrypted the files.
BoC said the compromised data potentially included names, addresses and, in some cases, loan account numbers.
Both banks said they had increased security monitoring of the affected accounts and were contacting customers.
The Cyber Security Agency of Singapore (CSA) and the Monetary Authority of Singapore (MAS) said they were working with the banks on the incident.
DBS said it was informed about the hack on 5 April.
In a separate statement Toppan said its facility in Joo Koon Circle in Singapore had been hit by a ransomware attack, adding that the company had “immediately cut off the entry point from which the attacker entered the network” and was working with a forensic specialist to investigate.
The company said it was carrying out a security audit on its systems.
Russian court finds Google liable for YouTube video allegedly disclosing personal data on Russian casualties…
Latest CATL sodium-ion batteries have energy density and range closer to lithium-ion units using cheap…
Amazon's AWS cloud unit pauses some leasing talks around new data centres, analysts say, in…
US trade regulator says Uber signed users up for Uber One plan without their knowledge,…
Appeals court ruling reopens case that had been dismissed, finding Shopify must face trial under…
US Justice Department lawyers argue Google must face wide-ranging remedies including selling off Chrome, with…
![](data:image/svg+xml;charset=utf-8,<svg height="1703px" width="2560px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
