Ex-UOB employee in S’pore charged with leaking more than 1,100 customers’ details to scammers
By LOUISA TANG
Published AUGUST 20, 2021
Updated AUGUST 20, 2021
278 SHARES
Nuria Ling/TODAY
Cao Wenqing (right) faces 16 charges of unauthorised access to computer material under the Computer Misuse Act, and 13 charges of unauthorised disclosure of customer information under the Banking Act.
Follow us on Instagram and join our Telegram channel for the latest updates.
Cao Wenqing, 26, illegally accessed United Overseas Bank's electronic customer database
She disclosed the information of 1,166 customers to scammers
She told police she had been fallen prey to an impersonation scam
The bank has since fired her
SINGAPORE — A 26-year-old former employee of the United Overseas Bank (UOB) here was charged on Friday (Aug 20) with illegally accessing the bank’s electronic customer database and disclosing the information of 1,166 customers to scammers.
Between April 6 and 22 this year, Cao Wenqing allegedly used her work-issued laptop to access the information of more than 3,300 customers in the bank’s database and make queries on them.
Cao, a Singapore permanent resident from China, is then said to have given the details of more than 1,100 customers to a someone representing the “Shanghai police”.
She later lodged a police report claiming that she fell prey to a scam where people impersonate China officials, the police said on Thursday evening.
In May, UOB said that the affected customers were China nationals.
READ ALSO
Information of 1,166 UOB customers leaked after employee allegedly falls for impersonation scam
Court documents showed that the information released included their names, identification, mobile numbers, nationalities and bank account numbers. Cao purportedly sent these details to someone identified as “Lu” over WhatsApp.
The bank added that the employee was suspended after her actions were uncovered. It also wrote to all of the affected customers and took several precautionary measures to protect them as they may be targeted by scammers.
Subscribe to our email newsletter
SUBSCRIBE
By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.
The Monetary Authority of Singapore later said that it took a serious view of the customer data breach and would take action against UOB if its regulatory requirements had been breached or supervisory expectations had not been met.
In a statement on Friday, UOB apologised for the breach and said that it had “zero tolerance for any behaviour that breaks the trust our customers place in us”.
Cao has since been fired from the bank.
It added: “We acted promptly to protect our customers and to support the authorities in their investigations.
READ ALSO
StarHub finds personal information of more than 57,000 customers on third-party data dump site
“Upon detection, we stepped up our monitoring of affected accounts and we were in regular contact with customers to ensure their accounts remained secure. Our multi-layer security measures kept the affected customers’ accounts safe from the people behind this scam.”
Cao now faces 16 charges of unauthorised access to computer material under the Computer Misuse Act, and 13 charges of unauthorised disclosure of customer information under the Banking Act.
Those convicted of the first offence can be jailed for up to two years or fined up to S$5,000, or both.
Illegally disclosing customer information can attract a jail term of up to three years or a fine of up to S$125,000, or both.
Cao told the court that she intends to plead guilty but wants to hire a lawyer. She will return to court on Sept 10 and remains out on bail of S$15,000.
The police have listed some precautions that people can take when receiving unsolicited calls that may be scam calls.
These include talking to a trusted friend or relative before acting, ignoring such calls and the caller’s instructions, and refraining from giving out any personal information and details over the internet or the phone.
By LOUISA TANG
Published AUGUST 20, 2021
Updated AUGUST 20, 2021
278 SHARES
Nuria Ling/TODAY
Cao Wenqing (right) faces 16 charges of unauthorised access to computer material under the Computer Misuse Act, and 13 charges of unauthorised disclosure of customer information under the Banking Act.
Follow us on Instagram and join our Telegram channel for the latest updates.
Cao Wenqing, 26, illegally accessed United Overseas Bank's electronic customer database
She disclosed the information of 1,166 customers to scammers
She told police she had been fallen prey to an impersonation scam
The bank has since fired her
SINGAPORE — A 26-year-old former employee of the United Overseas Bank (UOB) here was charged on Friday (Aug 20) with illegally accessing the bank’s electronic customer database and disclosing the information of 1,166 customers to scammers.
Between April 6 and 22 this year, Cao Wenqing allegedly used her work-issued laptop to access the information of more than 3,300 customers in the bank’s database and make queries on them.
Cao, a Singapore permanent resident from China, is then said to have given the details of more than 1,100 customers to a someone representing the “Shanghai police”.
She later lodged a police report claiming that she fell prey to a scam where people impersonate China officials, the police said on Thursday evening.
In May, UOB said that the affected customers were China nationals.
READ ALSO
Information of 1,166 UOB customers leaked after employee allegedly falls for impersonation scam
Court documents showed that the information released included their names, identification, mobile numbers, nationalities and bank account numbers. Cao purportedly sent these details to someone identified as “Lu” over WhatsApp.
The bank added that the employee was suspended after her actions were uncovered. It also wrote to all of the affected customers and took several precautionary measures to protect them as they may be targeted by scammers.
Subscribe to our email newsletter
SUBSCRIBE
By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.
The Monetary Authority of Singapore later said that it took a serious view of the customer data breach and would take action against UOB if its regulatory requirements had been breached or supervisory expectations had not been met.
In a statement on Friday, UOB apologised for the breach and said that it had “zero tolerance for any behaviour that breaks the trust our customers place in us”.
Cao has since been fired from the bank.
It added: “We acted promptly to protect our customers and to support the authorities in their investigations.
READ ALSO
StarHub finds personal information of more than 57,000 customers on third-party data dump site
“Upon detection, we stepped up our monitoring of affected accounts and we were in regular contact with customers to ensure their accounts remained secure. Our multi-layer security measures kept the affected customers’ accounts safe from the people behind this scam.”
Cao now faces 16 charges of unauthorised access to computer material under the Computer Misuse Act, and 13 charges of unauthorised disclosure of customer information under the Banking Act.
Those convicted of the first offence can be jailed for up to two years or fined up to S$5,000, or both.
Illegally disclosing customer information can attract a jail term of up to three years or a fine of up to S$125,000, or both.
Cao told the court that she intends to plead guilty but wants to hire a lawyer. She will return to court on Sept 10 and remains out on bail of S$15,000.
The police have listed some precautions that people can take when receiving unsolicited calls that may be scam calls.
These include talking to a trusted friend or relative before acting, ignoring such calls and the caller’s instructions, and refraining from giving out any personal information and details over the internet or the phone.
