News From Multiple Perspectives

Personal Data of 70,000 People Compromised After Cybersecurity Incident Involving SLA Vendor IBM

Published July 5, 2026 at 3:43 PM UTC

Authored by
Every article published on DirectionFreeNews undergoes editorial review by our editorial team. Our editors research publicly available information from multiple trusted news organizations, compare differing perspectives, verify key facts, and publish balanced summaries intended to help readers better understand important events. Our editorial process is designed to reduce editorial bias by considering multiple reputable sources rather than relying on a single viewpoint

In a significant cybersecurity incident, the Singapore Land Authority (SLA) has reported that the personal data of approximately 70,000 individuals was compromised due to unauthorized access in a cloud environment managed by IBM. The breach occurred in a development and testing environment for the Singapore Titles Automated Registration System (STARS) and the eLodgment System (ELS), both of which are maintained by IBM. The affected dataset, created in 1998 and updated periodically, was intended to contain only mock and anonymized data based on property ownership and lodgment records. However, it was discovered that the dataset included real personal information, such as names, National Registration Identity Card (NRIC) numbers, and property addresses of about 70,000 individuals. This information should have been anonymized but was not, leading to the exposure of sensitive personal data. The SLA emphasized that the compromised environment is separate from its operational systems, and there is no connection or compromise to the live systems used for operations of STARS, ELS, or any other SLA systems. Property ownership and lodgment records in STARS and ELS remain secure and unaffected. IBM has revoked access associated with the affected development and testing environment to prevent any further unauthorized access. As a precautionary measure, the SLA has identified the individuals whose information was contained in the affected dataset and has begun notifying them, advising them on how they can seek further information and assistance. The SLA is working closely with IBM, the Government Technology Agency of Singapore, and the Cyber Security Agency of Singapore to investigate the incident, establish the full facts, and ensure that the necessary remedial measures are taken. A police report has been lodged, and the Personal Data Protection Commission has been notified. The SLA has also advised members of the public to remain vigilant against phishing emails, phishing websites, text messages, or telephone calls from parties claiming to represent government agencies or other organizations. The authority apologized for the concern and inconvenience this incident may cause.