Conclusion of Investigation on Data Breach Incident involving 12 Licensed Moneylenders

3 Jul 2025 Posted in Announcements

1. The Registry of Moneylenders under the Ministry of Law (“MinLaw”) has concluded its investigation on the data breach incident involving 12 licensed moneylenders (“LMLs”) detailed in MinLaw’s statement of 25 July 2024. The 12 LMLs were: (1) Ban King Credit (S) Pte Ltd, (2) Credit 21 Pte Ltd, (3) Lending Bee Pte Ltd, (4) Katong Credit Pte Ltd, (5) Credit Thirty3 Pte Ltd, (6) GS Credit Pte Ltd, (7) 1AP Capital Pte Ltd, (8) Creditmaster Pte Ltd, (9) BST Credit Pte Ltd, (10) U Credit (Pte) Ltd, (11) Horison Credit Pte Ltd, and (12) Credit Matters Pte Ltd.

2. The 12 LMLs were found to have contravened section 70(1)(b) of the Moneylenders Act 2008 (“MLA”) by failing to protect information in their possession or under their control by failing to make reasonable security arrangements to prevent unauthorised access to the information, or compromise of the information storage medium. The said contravention is an offence under section 70(2) of the MLA, and carries a penalty of a fine not exceeding $20,000 or imprisonment for a term not exceeding six months, or both.

3. On the conclusion of investigation, the Registrar of Moneylenders offered the 12 LMLs the opportunity to compound the offence in lieu of prosecution for sums between $2,000 and $5,000, with the quantum set based on the extent of the data breach. All compositions have been paid. In addition, warnings were issued to the officers of the respective LMLs who were found to have been negligent in their duties.

4. MinLaw would like to remind LMLs of their obligations in protecting customer data under the MLA and the Personal Data Protection Act 2012.

MINISTRY OF LAW
3 JULY 2025

Last updated on 3 Jul 2025