DBS has reported a ransomware attack on vendor Toppan Next Tech (TNT), which may have compromised customer statements for DBS Vickers accounts, though the bank’s systems remain unaffected.

On 5 April 2025 at 10:21 p.m., TNT, a vendor for printing customer statements, informed DBS that it had been attacked by ransomware. Based on preliminary investigations, customer statements/letters of about 8,200 DBS customers have been potentially compromised. The majority of these statements/letters relate to DBS Vickers accounts. The remainder is made up of mainly Cashline loan accounts. Investigations into the incident are ongoing.

DBS’ systems are not compromised. Customers' deposits and monies remain safe. So far, there is also no evidence of any unauthorised DBS transactions resulting from the incident.

TNT’s preliminary review indicates that the potentially compromised statements/letters were those largely sent to individual customers, dated December 2024, January 2025 and February 2025. DBS sends customer statements/letters to TNT for printing in encrypted files. As investigations are still ongoing, it is not known if the threat actor was able to decrypt the files. Customer data in the statements/letters that could have potentially been compromised include first and last name, postal address, as well as details relating to equities held under DBS Vickers and Cashline loans. The statements/ letters do not contain login credentials, passwords, NRIC details, deposit balances or total wealth holdings.

While the incident did not occur within DBS’ systems, the bank takes the matter very seriously, and is contacting potentially affected customers as a matter of priority. Impacted customers who have registered their email address with the bank will be informed by tomorrow. Where DBS does not have the customer’s email details, the customer will be informed by physical mail sent directly from the bank tomorrow.

In addition, upon being notified of the incident, the bank immediately took these actions:

Halted all printing jobs with TNT Heightened surveillance to monitor any suspicious or unusual account activity to better protect impacted customers

DBS Singapore country head Lim Him Chuan said, “The confidentiality of our customers’ personal information is of paramount importance to us, and we understand the seriousness of the situation. To protect customers, we have halted all printing jobs with TNT and ramped up surveillance to monitor any unusual activity on potentially impacted accounts. We are sorry for the anxiety caused.”

DBS would like to remind customers to remain vigilant against scams including phishing scams via email and SMS. Customers should also be careful about scammers impersonating trusted individuals, such as bank representatives and government officials, to trick them into disclosing personal or banking credentials.

For customers’ protection, we advise customers to do the following:

Do not respond to any unsolicited physical letters, emails or SMSes containing links/ QR codes that claim to be from the bank. Banks will never send customers clickable links via SMS or email.

Never disclose to anyone personal or banking credentials, including one-time-passwords (OTPs), digital token requests and credit/debit card details. DBS/POSB staff will never ask customers for such information.

Always verify the authenticity of claims regarding problems with bank accounts or credit cards with the bank.

Review recent account activity and credit/debit card statements for unusual and unauthorised transactions. Customers who suspect that they are a victim of a scam can call DBS’ dedicated fraud hotline at 1800-339-6963 (from Singapore) or (+65) 63396963 (from overseas) and speak to a DBS customer service officer, or activate Safety switch to temporarily block access to their funds. Impacted customers are also urged to lodge a fraud report with the Singapore Police Force.

DBS will continue to take all necessary steps to protect the security and privacy of customers’ personal information.

Re-disseminated by The Asian Banker