Over the past year, SG Finance Pte. Ltd. experienced a major ransomware incident targeting its hybrid cloud environment. Attackers exploited identity and access management gaps across multiple platforms, encrypting critical databases containing bank statements, self-assessment details and National Insurance numbers. The breach forced the company to shut down several services for 72 hours while restoring backups and negotiating with threat actors. During that period customers were unable to access online banking and credit card services, resulting in over 500 support calls per hour and widespread press coverage. To regain control of encrypted files, the company paid a six-figure ransom, only to discover that some sensitive data fragments had already been exfiltrated and offered for sale on dark-web forums. Although no direct financial theft occurred, the incident led to customer complaints, regulatory inquiries and a 15% drop in new account openings. SG Finance is now conducting quarterly data-security assessments and implementing a zero-trust model, but the reputational damage has prompted an ongoing PR campaign and a projected $2.3 million in remediation costs.
Source: https://www.scworld.com/brief/rubrik-91-of-sg-orgs-hit-by-cyber-incidents
"id": "sin550050725",
"linkid": "singapura-finance-limited",
"type": "Ransomware",
"date": "5/2025",
"severity": "75",
"impact": "2",
"explanation": "Attack limited on finance or reputation"