Skip to main content

Advertisement

Advertisement

Standard Chartered clients’ monthly bank statements stolen

SINGAPORE — Nearly 650 Standard Chartered Private Bank clients’ monthly bank statement for February have been stolen, the bank said today (Dec 5).

TODAY file photo

TODAY file photo

Follow TODAY on WhatsApp

SINGAPORE — Nearly 650 Standard Chartered Private Bank clients’ monthly bank statement for February have been stolen, the bank said today (Dec 5).

The bank, which was alerted to the theft by the police, said its investigations showed the theft occurred through one of the servers of a third party service provider, Fuji Xerox Singapore, which the bank engaged to print bank statements for its Private Bank clients. It did not occur through the bank’s IT and data security systems, said Standard Chartered.

Standard Chartered said that the 647 affected clients had not found any unauthorised transactions resulting from this incident. “As a precautionary measure, the bank is contacting its affected Private Bank clients. No Wholesale Banking clients, SME and retail customers are affected,” said the bank.

Confirming that the bank had lodged a report on Monday, the police said that they discovered the files containing data on the bank's clients in a laptop seized from James Raj Arokisamy, the alleged "Messiah" hacker. James Raj, 35, is currently facing one charge under the Computer Misuse and Cybersecurity Act for allegedly hacking into the Ang Mo Kio Town Council’s website from a Kuala Lumpur apartment on Oct 28 — while he was a fugitive from the Singapore authorities — as well as four other drug consumption charges.

The Monetary Authority of Singapore (MAS) said it will review Standard Chartered’s investigation report and “consider if regulatory action against the bank is warranted”.

“Globally, financial institutions (FIs) have been facing an increasing number and variety of security threats. MAS takes a serious view of such threats and has stringent requirements in place for FIs to protect the security of their IT systems and confidentiality of client data,” said the MAS, in a statement.

The MAS noted that while this case of theft is “an isolated case”, it “underscores the need for heightened vigilance in FIs”. The authority added that it has reminded all financial institutions to heighten vigilance to safeguard their IT systems and customer information, and is paying special supervisory attention to the institutions’ compliance with MAS’ requirements for IT outsourcing.

Standard Chartered and Fuji Xerox are working with the police as part of the investigation into this matter.

Standard Chartered Chief Executive Ray Ferguson said: “The confidentiality and privacy of our clients are of paramount importance to us, and we take this incident very seriously. Customer data protection is our responsibility and we sincerely apologise to all our customers and specifically to our Private Bank clients who have been affected.”

Fuji Xerox Singapore Chief Executive Bert Wong said: “We share the Bank’s concerns on the theft of information on this system, and deeply regret the incident. There was unauthorised access by a third party to a server dedicated to Standard Chartered Private Bank in a standalone printing facility.

“This is the first time in Fuji Xerox Singapore’s history that such an incident has occurred. So far, we have taken all appropriate action to protect the integrity of our server systems. A forensic team is also conducting a thorough review. There was no impact on the data of customers on any other systems.”

Related topics

web security

Read more of the latest in

Advertisement

Advertisement

Stay in the know. Anytime. Anywhere.

Subscribe to get daily news updates, insights and must reads delivered straight to your inbox.

By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.