Ransomware Attack Exposes DBS and BOC Customer Data
Ransomware attack on a third-party printing vendor has exposed sensitive customer data from DBS and Bank of China (BOC) in Singapore.
The vendor, Toppan Next Tech (TNT), reported the breach to authorities on April 6. The Cyber Security Agency (CSA) and the Monetary Authority of Singapore (MAS) confirmed the incident the next day.
What Was Compromised in the Attack
TNT handles the printing of customer letters and statements for both banks. Although the data was encrypted, a threat actor extracted files from TNT’s systems.
DBS said that around 8,200 customer records may have been accessed. Most relate to DBS Vickers investment accounts, while others involve Cashline loans. BOC confirmed about 3,000 customers were affected. The stolen data included names, postal addresses, and in some cases, loan account numbers.
However, no passwords, login details, or banking credentials were involved. Therefore, customers’ deposits and accounts remain safe and unaffected.
Banks’ Response to the Incident
Upon discovery, DBS immediately stopped all printing tasks with TNT. The bank also enhanced monitoring of potentially impacted accounts. Affected customers are being notified. Emails are sent where available. For others, physical letters from DBS are on the way.
“Protecting customer data is a top priority,” said DBS Country Head Lim Him Chuan. He assured that DBS systems were not breached.
BOC also confirmed that their internal systems stayed secure. Both banks are now working closely with CSA and MAS to manage the situation.
Authorities’ Investigation and Guidance
CSA is helping TNT investigate the incident and advising on containment. MAS is also reviewing the banks’ mitigation efforts and customer outreach. CSA noted that ransomware attacks are becoming more frequent and complex. Therefore, organizations must be vigilant and update their security postures regularly.
How to Prevent Future Breaches
To reduce future risks, organizations must strengthen their third-party vendor management. That means carefully vetting partners who handle sensitive data.
Organizations should also enforce encrypted file transfers and restrict access based on roles. However, even with strong controls, threats can slip through. That’s where a dedicated Security Operations Center (SOC) service becomes critical. A SOC monitors systems 24/7, detects threats early, and responds quickly to attacks.
By using a SOC, businesses gain real-time visibility and faster incident response. It also helps meet compliance standards and builds customer trust.
In addition to SOC services, regular audits and staff training are essential. Therefore, companies must educate employees to recognize phishing and social engineering tactics. With the right tools and teams in place, organizations can stay resilient against growing cyber threats.
Sleep well, we got you covered.
