Singapore Traffic Police data exposed after ransomware attack on printing vendor
Learn More
Singapore authorities are reporting a data breach that exposed personal information of approximately 1,300 persons with traffic violations. Their data was published online following a ransomware attack on a third-party printing vendor. The leaked data was discovered online on July 18 2025.
The breach originated from a ransomware attack that targeted Toppan Next Tech (TNT) on April 1, 2025. TNT, a printing vendor contracted by Singapore's Traffic Police, had received sensitive data from law enforcement authorities for printing and bulk mailing correspondence to traffic violators. Exposed data includes:
- Names of traffic offenders
- Home addresses
The Traffic Police had provided TNT with additional sensitive information including NRIC (National Registration Identity Card) numbers and detailed traffic violation records. Authorities claim that only names and addresses were found published online. It's unclear whether the sensitive information is also stolen and can be published.
Singapore authorities claim that the Traffic Police's internal systems were not breached, and the data compromise was solely the result of the ransomware attack on the third-party vendor's infrastructure.
The same cyber incident had previously affected two major financial institutions - DBS Bank and Bank of China's Singapore branch - compromising data of over 11,000 banking customers. TNT reported the initial ransomware attack to Singapore's Personal Data Protection Commission on the evening of April 6, 2025.
Singapore Police confirmed they will notify all affected individuals. Citizens whose data was compromised are advised to remain vigilant by monitoring their personal accounts for suspicious activities, including potential phishing attempts or fraudulent communications.
