Cybersecurity Incident at Shanghai Tunnel Engineering Co Affects MRT and NEWater Projects

Severity: Low (Score: 36.9)

Sources: Channelnewsasia, Straitstimes

Summary

A cybersecurity incident has been reported at Shanghai Tunnel Engineering Co (Singapore), a contractor for the Jurong Region Line and Changi NEWater Factory 3. The Land Transport Authority (LTA) confirmed that no ongoing construction has been impacted, but the company’s access to LTA's digital systems has been temporarily suspended. The national water agency PUB stated that no sensitive data from the NEWater facility was compromised; the affected data consisted of publicly available project tender documents. Screenshots allegedly showing internal financial data were sent to a news outlet, prompting further investigation. Shanghai Tunnel Engineering Co acknowledged the incident and is working with external cybersecurity specialists while cooperating with law enforcement. The exact nature and timeline of the attack remain unclear. Key Points: • Shanghai Tunnel Engineering Co is under investigation for a cybersecurity incident. • No sensitive data from the Changi NEWater Factory 3 was compromised. • The incident involved publicly available project tender documents.

Key Entities

• Data Breach (attack_type)
• Land Transport Authority (company)
• Sanli M&E Engineering (company)
• Singapore (country)
• CWE-200 - Exposure of Sensitive Information (cwe)
• Government (industry)