Singapore sees world's highest third-party breach incidents

This highlights a growing vulnerability in the digital supply chain.

Singapore saw the highest third-party data breach rate in the world, with 71.4% cyber incidents involving external vendors or partners, according to the latest Global Third-Party Breach Report by cybersecurity firm SecurityScorecard.

This figure is more than double the global average of 35.5%, highlighting a growing vulnerability in the digital supply chains that support Singapore’s highly connected economy.

Despite having relatively fewer breaches overall, Singapore’s breach composition underscores how third-party risks have become the primary vector for cyberattacks in the region.

“Singapore’s high rate (71.4%) appears in our data alongside documented Chinese cyber operations,” the report noted, linking the city-state’s exposure to state-sponsored attacks that exploit trusted access points, such as suppliers, service providers, and software partners.

The report also suggests that Singapore’s affluence, digital maturity, and strategic role as a financial and logistics hub make it an attractive target.

With complex vendor ecosystems and extensive cross-border data flows, attackers are increasingly bypassing direct attacks and instead targeting third parties with weaker security postures.

SecurityScorecard warned that traditional vendor risk assessments are often too slow or infrequent to catch fast-moving threats.

It called for Singapore-based organisations to adopt real-time third-party threat detection and monitoring, especially across cloud services, foreign subsidiaries, and critical sectors such as finance and healthcare.

The findings come amid heightened concern over geopolitical cyber activity in Asia, particularly linked to Chinese espionage campaigns.