Skip to main content

Advertisement

Advertisement

Ex-UOB employee in S’pore charged with leaking more than 1,100 customers’ details to scammers

SINGAPORE — A 26-year-old former employee of the United Overseas Bank (UOB) here was charged on Friday (Aug 20) with illegally accessing the bank’s electronic customer database and disclosing the information of 1,166 customers to scammers.

Cao Wenqing (right) faces 16 charges of unauthorised access to computer material under the Computer Misuse Act, and 13 charges of unauthorised disclosure of customer information under the Banking Act.

Cao Wenqing (right) faces 16 charges of unauthorised access to computer material under the Computer Misuse Act, and 13 charges of unauthorised disclosure of customer information under the Banking Act.

Follow us on Instagram and Tiktok, and join our Telegram channel for the latest updates.

  • Cao Wenqing, 26, illegally accessed United Overseas Bank's electronic customer database
  • She disclosed the information of 1,166 customers to scammers
  • She told police she had been fallen prey to an impersonation scam
  • The bank has since fired her

 

SINGAPORE — A 26-year-old former employee of the United Overseas Bank (UOB) here was charged on Friday (Aug 20) with illegally accessing the bank’s electronic customer database and disclosing the information of 1,166 customers to scammers.

Between April 6 and 22 this year, Cao Wenqing allegedly used her work-issued laptop to access the information of more than 3,300 customers in the bank’s database and make queries on them. 

Cao, a Singapore permanent resident from China, is then said to have given the details of more than 1,100 customers to a someone representing the “Shanghai police”.

She later lodged a police report claiming that she fell prey to a scam where people impersonate China officials, the police said on Thursday evening.

In May, UOB said that the affected customers were China nationals. 

Court documents showed that the information released included their names, identification, mobile numbers, nationalities and bank account numbers. Cao purportedly sent these details to someone identified as “Lu” over WhatsApp. 

The bank added that the employee was suspended after her actions were uncovered. It also wrote to all of the affected customers and took several precautionary measures to protect them as they may be targeted by scammers.

The Monetary Authority of Singapore later said that it took a serious view of the customer data breach and would take action against UOB if its regulatory requirements had been breached or supervisory expectations had not been met.

In a statement on Friday, UOB apologised for the breach and said that it had “zero tolerance for any behaviour that breaks the trust our customers place in us”. 

Cao has since been fired from the bank.

It added: “We acted promptly to protect our customers and to support the authorities in their investigations.

“Upon detection, we stepped up our monitoring of affected accounts and we were in regular contact with customers to ensure their accounts remained secure. Our multi-layer security measures kept the affected customers’ accounts safe from the people behind this scam.”

Cao now faces 16 charges of unauthorised access to computer material under the Computer Misuse Act, and 13 charges of unauthorised disclosure of customer information under the Banking Act.

Those convicted of the first offence can be jailed for up to two years or fined up to S$5,000, or both. 

Illegally disclosing customer information can attract a jail term of up to three years or a fine of up to S$125,000, or both.

Cao told the court that she intends to plead guilty but wants to hire a lawyer. She will return to court on Sept 10 and remains out on bail of S$15,000.

The police have listed some precautions that people can take when receiving unsolicited calls that may be scam calls. 

These include talking to a trusted friend or relative before acting, ignoring such calls and the caller’s instructions, and refraining from giving out any personal information and details over the internet or the phone.

“No local government agency will demand payment through an undocumented medium like a telephone call or other social messaging platforms, demand that you surrender cash to unnamed persons, or ask you for personal banking information such as your internet banking passwords,” the police said.

Related topics

court crime impersonation scam bank UOB data breach

Read more of the latest in

Advertisement

Popular

Advertisement

Stay in the know. Anytime. Anywhere.

Subscribe to get daily news updates, insights and must reads delivered straight to your inbox.

By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.