MAS warns stolen SingHealth data could be used in bank fraud

Financial institutions are discouraged from relying on the stolen information for customer verification.

The Monetary Authority of Singapore has urged financial institutions to tighten customer verification processes in light of the recent cyberattack at government public health database SingHealth wherein the personal information of 1.5 million individuals including the Prime Minister were illegally accessed. 

All financial institutions are discouraged from relying on the information stolen from the attack (name, NRIC number, address, gender, race and birth date) for verifying customer identities. Additional information like One-Time password, PIN, biometrics and last transaction date is needed before transactions can be performed on behalf of the customer, the de-facto central bank said in a statement.

“MAS has also directed all financial institutions to conduct a risk assessment of the impact of the SingHealth incident on their existing control measures for financial services offered to customers, including transaction and inquiry functions,” it added.

Customers should also remain vigilant by safeguarding passwords, notifying banks in case of suspicious activity and practising good cyber hygiene, added Tan Yeow Seng, MAS chief cybersecurity officer.

On its part, OCBC is working overtime to tighten its customer verification process in line with the directive. “We have in place a set of rigorous authentication measures to validate our customer’s identity before proceeding with the request. However, to combat the risks arising from the SingHealth incident, we have further enhanced our customer verification process to prevent any unauthorised financial transactions,” said Koh Ching Ching, head, group corporate communications at OCBC Bank.

"At UOB, we are committed to protecting our customers from cybersecurity threats. We remain vigilant and are constantly monitoring developments and enhancing our systems to ensure that we detect and respond to potential cybersecurity risks and threats promptly," a UOB spokesperson said.

The spokesperson added that customers should also work with banks in safeguarding data.

"We remind our customers that UOB does not send unsolicited SMS or emails asking them to provide their personal or account details." 

Join Singapore Business Review community
Since you're here...

...there are many ways you can work with us to advertise your company and connect to your customers. Our team can help you dight and create an advertising campaign, in print and digital, on this website and in print magazine.

We can also organize a real life or digital event for you and find thought leader speakers as well as industry leaders, who could be your potential partners, to join the event. We also run some awards programmes which give you an opportunity to be recognized for your achievements during the year and you can join this as a participant or a sponsor.

Let us help you drive your business forward with a good partnership!

Thanks to the renewal of interest in the Singapore market.
The electronics cluster showed the most optimism.
The initiative aims to improve the overseas service exports environment.
This is the group’s 2nd sustainability notes issuance in the SGD bond market.
A Jefferies report said Singapore banks have enough buffers.
HongkongLand, CapitaLandInvest, and ComfortDelGro showed the most growth.
Mizuho Securities Asia Limited will be the notes dealer.
The company’s first batch has been fully allocated in the country.
The total consideration of up to $539m over three years will take effect. 
This is to address the increased global demand for healthcare products.
Thanks to the company's improved distribution channels.
Hiring activities online increased by 55.7% in August.
CapitaLandInvest, Capland IntCom T, and Sembcorp Industries showed the most growth.
This low turnout is due to the large quantum of the project, experts say.