A ransomware attack on the printing vendor Toppan Next Tech (TNT) has resulted in a breach of customer data belonging to DBS and Bank of China, Singapore.
The incident, confirmed by the Cyber Security Agency of Singapore (CSA) and the Monetary Authority of Singapore (MAS) on 7 April 2025, was first reported to the Personal Data Protection Commission the previous evening.
The attack led to the extraction of customer information from both financial institutions.
Authorities emphasised, however, that no login credentials were compromised.
DBS disclosed that it was notified of the breach at approximately 10.20pm on Saturday, 5 April.
Preliminary findings revealed that customer statements or letters belonging to around 8,200 individuals had potentially been accessed.
A significant portion of these relate to DBS Vickers accounts, with the rest involving Cashline loan accounts.
The bank stressed that its internal systems were unaffected. “Customers’ deposits and monies remain safe.
So far, there is also no evidence of any unauthorised DBS transactions resulting from the incident,” DBS stated.
According to DBS, TNT’s initial assessment indicated that the compromised documents largely involved individual customer correspondence dated between December 2024 and February 2025.
These documents were sent to TNT in encrypted files for printing.
At this stage, it remains uncertain whether the threat actor was able to decrypt the stolen data.
Information potentially exposed includes customers’ names, postal addresses, and investment or loan-related details. The affected files do not contain sensitive data such as login credentials, NRIC numbers, deposit balances or total wealth information.
Following the notification, DBS immediately suspended all ongoing printing operations with TNT and launched an internal review.
Customers whose email addresses are registered with the bank will be informed by Tuesday, while others will be contacted via post.
Lim Him Chuan, DBS Singapore’s country head, stated that customer data confidentiality was of “paramount importance.”
He added, “To protect customers, we have halted all printing jobs with TNT and ramped up surveillance to monitor any unusual activity on potentially impacted accounts. We are sorry for the anxiety caused.”
The CSA is currently assisting TNT with its investigation and advising on containment steps.
MAS confirmed that it is in active communication with the impacted banks to monitor their mitigation efforts and outreach to customers.
CSA and MAS noted that both banks have placed the affected accounts under heightened monitoring and are prioritising communication with affected customers.
As ransomware threats grow more advanced, the CSA urged organisations to consult its advisory for preventive and responsive measures.
It also encouraged regular data backups, patching of software vulnerabilities, and continuous monitoring of IT systems.
DBS has reminded customers to stay vigilant against phishing and other scams. These may take the form of emails, SMS messages, or even unsolicited letters impersonating the bank or other authorities.
Scammers often attempt to trick victims into revealing one-time passwords (OTPs), digital token approvals, or credit card details.
Customers are strongly advised not to interact with any unverified links, QR codes, or individuals claiming to represent the bank. Any suspicious activity should be reported immediately.
DBS customers who suspect they may have fallen victim to a scam are encouraged to call the bank’s fraud hotline at 1800-339-6963 (or +65 6339-6963 if overseas).
The bank also provides a Safety Switch feature allowing customers to temporarily restrict access to their accounts.
Affected individuals are further advised to lodge a fraud report with the Singapore Police Force to facilitate further investigations.
The post Ransomware attack on printing vendor affects DBS and Bank of China customer data appeared first on The Online Citizen.
