A recent ransomware attack on Toppan Next Tech (TNT), which is contracted by DBS to print customer statements, has led to a data breach. DBS reported that approximately 8,200 customers’ personal data could have been compromised during the attack. However, DBS clarified that its internal systems were not affected, and there is no evidence of unauthorized transactions on customer accounts. The impacted customers primarily include those using DBS Vickers and Cashline services, with investigations continuing into the extent of the breach.
The data potentially exposed in the attack includes customers’ names, addresses, and information about equities held through DBS Vickers and Cashline loans.
However, DBS confirmed that sensitive data such as login credentials, NRIC details, or deposit balances were not part of the breach. The bank stressed that the breach did not originate from its systems but from TNT’s printing services. Affected customers who have registered email addresses with DBS will be notified of the breach by April 8, while those without email registration will be informed by physical mail.
DBS has responded swiftly to the breach by halting all printing jobs with TNT and increasing surveillance on potentially impacted accounts. The bank has also apologized to its customers for the anxiety caused by the situation and reassured them that their deposits and money remain safe. Affected individuals are advised to call DBS’s dedicated fraud hotline or use the bank’s Safety Switch feature to block access to their accounts temporarily.
The bank also recommends that impacted customers file a fraud report with the Singapore Police Force for further protection.
Similarly, the Bank of China’s Singapore branch reported that around 3,000 customers were also affected by the same ransomware attack. The compromised data in this case includes customer names, addresses, and loan account numbers, but no banking credentials or transaction details were exposed. Both banks have placed impacted accounts under enhanced monitoring and are prioritizing communication with affected customers. The Monetary Authority of Singapore (MAS) and the Cyber Security Agency of Singapore (CSA) are assisting TNT with the investigation and containment measures, ensuring that both banks implement effective risk-mitigating strategies.
Reference:
