Data Breach Hits 70,000 in Cyberattack on SLA Vendor IBM
Personal data of 70,000 compromised after unauthorized access to vendor IBM’s cloud environment linked to Singapore Land Authority systems.
panumas nikhomkhai/Pexels
Personal information belonging to approximately 70,000 individuals was compromised following a cybersecurity incident involving the Singapore Land Authority (SLA) and its vendor IBM, the SLA disclosed on July 3, 2026. The breach occurred through unauthorized access to a data set stored in an IBM-managed cloud environment used for development and testing purposes.
Details of the Security Breach
The incident centers on a cloud environment maintained by IBM that supports the Singapore Titles Automated Registration System (STARS) and the eLodgment System (ELS). These web-based platforms facilitate property-related transactions, allowing lawyers and authorized agencies to submit documents concerning property transfers and caveats.
IBM first alerted SLA to a security incident on June 12, 2026, and subsequently informed the agency on June 15 that personal data may have been accessed without authorization. The affected data set, created originally in 1998 for vendor development and testing, was intended to contain only anonymized and mock data. However, investigations revealed that it included real personal details such as names, NRIC numbers, and previous property addresses of around 70,000 people.
Scope and Impact of the Breach
While the compromised data contained sensitive personal information, SLA emphasized that the dataset was separate from its live operational systems. There was no breach of the STARS or ELS live environments, and property ownership and lodgment records remain secure and unaffected.
SLA noted that because the dataset was created decades ago, many of the property addresses involved are outdated and do not reflect the current residences of the individuals impacted. The agency is still investigating how real data was included in a dataset meant to be fully anonymized.
Response and Measures Taken
IBM has revoked access to the compromised system to halt further unauthorized activity. SLA has begun notifying those affected by the breach and is advising them on precautionary steps they can take to protect themselves from potential phishing or identity fraud attempts.
The agency is collaborating closely with IBM, the Government Technology Agency of Singapore, and the Cyber Security Agency of Singapore to determine the full extent of the breach and to implement appropriate remedial actions. SLA has also filed a police report and informed the Personal Data Protection Commission.
Advice for Affected Individuals
Individuals whose data was compromised are being urged to stay vigilant against phishing emails, suspicious websites, and unsolicited communication seeking personal information. SLA recommends the following precautions:
- Regularly monitor bank and credit card statements for unusual activity
- Be cautious about sharing personal information online or over the phone
- Use strong, unique passwords and consider two-factor authentication where available
- Report any suspicious communications to authorities immediately
SLA aims to complete notifications to all affected parties by the end of the upcoming week as part of its ongoing effort to maintain transparency and support.
This incident highlights the growing cybersecurity risks that can arise even within development and testing environments, underscoring the need for rigorous data protection practices throughout all stages of system management.


