Data Breach Exposes Personal Information of 70,000 in Singapore

Data Breach Exposes Personal Information of 70,000 in Singapore

First seen 3 Jul 2026, 09:25 UTC Businesstimes.SgStraitstimesChannelnewsasiaComputerweeklywww.channelnewsasia.com 92% similarity 57.6
Share:

Article Content

Browse articles
ThreatCluster

A cybersecurity incident involving the Singapore Land Authority's vendor IBM has led to the exposure of personal data for approximately 70,000 individuals. The breach occurred due to unauthorized access to a dataset created for vendor development and testing, which was intended to contain only mock and anonymized data. However, real information, including names, NRIC numbers, and past property addresses, was found in the dataset. The dataset was created in 1998 and had been updated periodically. SLA confirmed that the affected environment is separate from its operational systems, meaning that live systems remain secure. IBM has revoked access to the affected system to prevent further breaches. SLA is notifying affected individuals and advising them on protective measures. Investigations are ongoing, and a police report has been filed.

Key Points: • Unauthorized access to a dataset managed by IBM exposed data of 70,000 individuals. • The compromised dataset included real names, NRIC numbers, and property addresses. • No operational systems were compromised; the affected environment is separate from live systems.

ThreatCluster AI

Timeline

2026-07-03
SLA announces data breach
SLA disclosed that unauthorized access to a dataset managed by IBM led to the exposure of personal data for 70,000 individuals.
Channelnewsasia
2026-07-03
IBM revokes access to affected environment
IBM revoked access to the compromised development and testing environment to prevent further unauthorized access.
Computerweekly
2026-07-03
SLA begins notifying affected individuals
SLA started notifying individuals whose data was compromised and provided guidance on seeking assistance.
Straitstimes
2026-07-03
Police report filed
SLA lodged a police report and notified the Personal Data Protection Commission regarding the incident.
Businesstimes.Sg

Community

Browse all →