The group’s activities aimed at disrupting critical services in Singapore were first publicly disclosed in July 2025. On February 9, 2026, Minister for Digital Development and Information Josephine Teo revealed for the first time that all four telcos had been specifically attacked.
Speaking at an event at the Cyber Security Agency of Singapore (CSA) office in Punggol Digital District to honour cyber defenders involved in the response, Mrs Teo described the assaults as a “deliberate, targeted, and well-planned campaign” against the telecommunications sector.
Authorities confirmed that no sensitive data—such as customer information—was accessed or exfiltrated. Critical systems, including the 5G core networks, remained uncompromised, as the most sensitive components were isolated separately.
Investigations revealed that the attackers managed to extract a small amount of technical data and gained access to a few critical systems. However, they did not advance far enough to disrupt any services.
The Cyber Security Agency of Singapore (CSA) and the Infocomm Media Development Authority (IMDA) emphasised that the threat was contained through coordinated efforts, including the large-scale Operation Cyber Guardian launched in March 2025, which involved over 100 cyber defenders from government agencies and the telcos.
Source Straits TImes