In a chilling reminder of the growing vulnerability of third-party data handlers, some customer data from DBS Group (Singapore) and Bank of China (Singapore) may have been compromised following a ransomware attack on Toppan Next Tech (TNT), a vendor entrusted with printing and mailing sensitive documents. The breach, disclosed on April 7, has sparked concern over the security of client information across the region’s top banks.
DBS acknowledged that statements of approximately 8,200 clients may have been accessed but clarified that its core banking systems and customer deposits were not affected. Similarly, the Bank of China revealed that 3,000 clients were impacted, primarily due to printed communications distributed through TNT. The banks have reassured clients that financial assets remain safe, though the same cannot be said for certain types of personal data.
Details of Compromised Information Revealed
The affected data includes names, mailing addresses, and in some cases, loan account numbers and information tied to cashline loans and equity holdings. For DBS clients, the breach centered around statements from its trading arm DBS Vickers, with the majority of the affected communications dated between December 2024 and February 2025. Meanwhile, Bank of China clients whose printed letters were handled by TNT have had similar data exposed.
Investigations are ongoing, but preliminary findings indicate that the attack occurred on April 5 and specifically targeted TNT’s internal systems, not the banking infrastructure directly. The banks acted quickly to notify regulators and begin mitigation efforts to limit the spread and damage of the leak.
ALSO READ: Call for Cyber Experts: Join FCRF Academy as Trainers and Course Creators
Regulators Step In as Institutions Brace for Fallout
The Monetary Authority of Singapore (MAS) is in “close engagement” with the affected institutions to ensure customer communication and risk mitigation efforts are thoroughly conducted. Additionally, the Cyber Security Agency of Singapore (CSA) has confirmed its involvement in aiding TNT’s investigations.
This incident follows a growing trend of ransomware actors targeting vendors and third-party service providers as an entry point into critical sectors. Industry experts have emphasized the need for more rigorous audits and risk assessments of outsourced service providers, especially those handling customer PII (personally identifiable information).