A ransomware attack on printing vendor Toppan Next Tech (TNT) has led to the potential exposure of customer data from DBS Bank and Bank of China’s Singapore branch.
The incident was reported to the Personal Data Protection Commission on the evening of 6 April.
Singapore’s Cyber Security Agency (CSA) and the Monetary Authority of Singapore (MAS) said they are supporting investigations into the breach.
CSA is advising TNT on containment measures, while MAS is working with the affected banks on risk mitigation and customer outreach.
The agencies noted the growing frequency of ransomware threats and urged organisations to refer to CSA’s advisory on preventive measures.
Bank of China and DBS Outline Extent of Data Exposure
Bank of China confirmed that around 3,000 customers were affected by the incident, which involved paper letters printed and distributed by TNT.
The data exposed included customer names, addresses, and, in some cases, loan account numbers.
No transaction banking data or login credentials were compromised.
The bank stated that internal systems remain secure, and customer accounts are safe and fully operational.
BOC advised customers to stay vigilant, monitor their accounts, avoid disclosing sensitive information, and update passwords if they are reused across platforms.
The bank said it is working with relevant parties and will contact individuals directly if their personal data was impacted.
Meanwhile, DBS said it was notified by TNT at 10.21pm on 5 April.
Preliminary findings suggest that statements and letters for around 8,200 customers may have been compromised, mainly involving DBS Vickers accounts and Cashline loan accounts dated between December 2024 and February 2025.
The affected documents were sent to TNT in encrypted files, and it remains unclear whether the attacker was able to decrypt them.
The potentially exposed data includes customer names, postal addresses, and details related to equities or loans.
According to DBS, the files did not contain login credentials, passwords, NRIC numbers, deposit balances, or total wealth holdings.
The bank confirmed that its internal systems were not compromised and that there is currently no evidence of unauthorised transactions arising from the breach.
As a precaution, DBS has suspended all printing jobs with TNT, increased monitoring of potentially affected accounts, and will begin contacting customers from 8 April via email or post, depending on the contact information available.
DBS advised customers to remain vigilant against phishing scams, avoid clicking on links or QR codes in unsolicited messages, and contact the bank’s fraud hotline or activate Safety Switch if fraud is suspected.
Affected individuals are also encouraged to lodge a report with the Singapore Police Force.
Lim Him Chuan, DBS’ Singapore Country Head, said,
“The confidentiality of our customers’ personal information is of paramount importance to us, and we understand the seriousness of the situation.
To protect customers, we have halted all printing jobs with TNT and ramped up surveillance to monitor any unusual activity on potentially impacted accounts. We are sorry for the anxiety caused.”
Featured image credit: Edited from Freepik
