Saturday , July 4 2026
IBM

IBM-managed instance breach exposes personal data of 70,000 in Singapore

The Singapore Land Authority (SLA) has announced that the personal details of around 70,000 people were leaked after someone accessed a cloud system managed by IBM, their tech provider.

IBM was chosen to help with and keep up SLA’s Singapore Titles Automated Registration System (Stars) and eLodgment System (ELS), which are important for registering property titles and submitting property documents in the city. As part of this job, the company handled the setup and testing for the two systems.

Singapore major data centres, cloud providers could incur fine up to $1m

Major data center and cloud service providers might have to pay a fine of up to $1 million or up...
Read More
Singapore major data centres, cloud providers could incur fine up to $1m

IBM-managed instance breach exposes personal data of 70,000 in Singapore

The Singapore Land Authority (SLA) has announced that the personal details of around 70,000 people were leaked after someone accessed...
Read More
IBM-managed instance breach exposes personal data of 70,000 in Singapore

Alibaba Reportedly Bans Claude Code for Suspected AI Tool Backdoor

Alibaba is said to be getting ready to ban the use of Anthropic’s Claude Code in its own systems starting...
Read More
Alibaba Reportedly Bans Claude Code for Suspected AI Tool Backdoor

CISA KEV Adds SharePoint RCE CVE-2026-45659 After Active Exploits

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a serious problem affecting Microsoft SharePoint Server to its list of...
Read More
CISA KEV Adds SharePoint RCE CVE-2026-45659 After Active Exploits

Nepal Unveils First “Hall of Fame” for Ethical Hackers

Nepal has started a 'Hall of Fame' program to honor cybersecurity researchers who safely report security flaws in government digital...
Read More
Nepal Unveils First “Hall of Fame” for Ethical Hackers

900+ Oracle E-Business instances Exposed Online

The Shadowserver Foundation found about 950 Oracle E-Business Suite (EBS) systems on the internet around the world. This discovery came...
Read More
900+ Oracle E-Business instances Exposed Online

India asks WhatsApp not to roll out ‘username’ feature over fraud concerns

The Indian government issued a notice WhatsApp planned to roll out its new 'username' feature. They are worried about fake...
Read More
India asks WhatsApp not to roll out ‘username’ feature over fraud concerns

Azure CLI Password Spray Impacts 78 Microsoft Accounts in 81M+ Attempts

Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line interface (CLI), compromising...
Read More
Azure CLI Password Spray Impacts 78 Microsoft Accounts in 81M+ Attempts

Chrome Update Patches 382 Vulnerabilities, Including 15 Critical

Chrome 151 has a new update that fixes 382 security problems. This includes 15 critical issues that could allow attackers...
Read More
Chrome Update Patches 382 Vulnerabilities, Including 15 Critical

Apple fixes more than 30 iOS, macOS, and Safari flaws

Apple released security updates on Monday for iOS, macOS, and Safari. These updates fix more than thirty issues, including four...
Read More
Apple fixes more than 30 iOS, macOS, and Safari flaws

On 3 July 2026, SLA announced that IBM told them about the incident. Early checks showed that a dataset made only for development and testing had been accessed without permission.

The dataset, made in 1998 and updated over the years, was supposed to have only fake and hidden testing data about property ownership. But, SLA found out that the dataset also included names, NRIC numbers, and property addresses of the people involved at that time.

“This information should have been anonymised but was not,” the agency said, adding that investigations are ongoing to determine how this occurred.

SLA noted that the affected environment is “distinct and separate” from its operational systems, with no connection to, or compromise of, the live systems that run Stars, ELS or any other SLA systems. Property ownership and lodgement records remain secure and unaffected, it added.

IBM has cut off access to the affected area to stop any more unauthorized entry. Meanwhile, SLA has found the people whose information was in the dataset. They have started telling them and guiding them on how to get more information and help.

The agency is teaming up with IBM, the Government Technology Agency, and the Cyber Security Agency of Singapore to find out what happened and to take action. They have also made a police report and informed the Personal Data Protection Commission. They are telling people to stay alert for phishing emails, fake websites, text messages, and phone calls from those pretending to be government agencies or other groups.

“We apologise for the concern and inconvenience this incident may cause,” SLA said.

In April 2025, Toppan Next Tech, a printing company for DBS Bank and the Singapore Bank of China, suffered a ransomware attack. The attacker stole customer data. About 8,200 DBS customers, mainly those with DBS Vickers trading accounts and Cashline loans, and around 3,000 Bank of China customers might be affected.

A year earlier, in August 2024, a hacker broke into Mobile Guardian, a tool for managing mobile devices used in Singapore’s schools. The hacker wiped the iPads and Chromebooks of around 13,000 students from 26 secondary schools. After this, the Ministry of Education took the software off all student devices and ended its deal with the supplier.

Singapore’s AI strategy 2.0 to include localized LLM

Check Also

LastPass

LastPass says hackers stole customer data via Klue, supply chain breach

LastPass has reported a security issue with its vendor, Klue. This incident allowed an attacker …