Ransomware attack on printing vendor exposes customer data at DBS and Bank of China

A ransomware attack on Toppan Next Tech (TNT), a third-party printing service provider, has compromised the personal data of thousands of customers from two of Asia’s major financial institutions—DBS and the Bank of China. Although the core banking systems of both institutions remained untouched, the breach has raised concerns about data security practices involving external vendors.

The incident came to light after TNT, which handles the printing of confidential customer communications such as account statements and letters, reported a cyberattack that led to unauthorized access to encrypted files. These files had been sent by the banks for routine printing and dispatch.

DBS, headquartered in Singapore and one of the region’s most prominent banks, confirmed that approximately 8,200 customer statements were affected. Most of the compromised documents are associated with DBS Vickers investment accounts and Cashline loan facilities. While sensitive financial details such as passwords, national identification numbers, and deposit balances were not exposed, personal information including names, residential addresses, and equity holdings may have been accessed by the attackers.

According to a preliminary investigation by TNT, the affected DBS documents spanned a three-month period from December 2024 through February 2025. The bank emphasized that its internal systems were not infiltrated and that customer funds remain safe. “Customers’ deposits and funds are unaffected,” DBS said in a statement, adding that there is no evidence of unauthorized transactions linked to the breach. As a precaution, DBS has suspended all printing operations with TNT and stepped up surveillance for unusual activity across customer accounts.

Lim Him Chuan, Singapore Country Head for DBS, acknowledged the seriousness of the breach, stating, “The confidentiality of our customers’ personal information is of paramount importance to us, and we understand the seriousness of the situation.” Investigations are ongoing, and it is not yet clear if the cybercriminals succeeded in decrypting the stolen files.

Similarly, the Bank of China has confirmed that around 3,000 of its customers were impacted. The exposed data includes names, addresses, and in some instances, loan account numbers. Despite the breach, the bank assured customers that their accounts remain secure and fully functional. “Your accounts remain secure and fully operational,” the bank stated in its official communication.