Ex-UOB employee charged over disclosure of customer data

A former employee of UOB was charged in a district court yesterday after she allegedly disclosed the details of more than 1,100 bank customers to scammers.

Cao Wenqing, 26, who is said to have fallen for a scam involving people posing as China police, faces 29 charges under the Computer Misuse Act and the Banking Act.

The China national is accused of committing the offences in April this year.

The court heard that Cao, a Singapore permanent resident, intends to plead guilty to her charges.

Her bail was set at $15,000 yesterday and her case has been adjourned to Sept 10.

In an earlier statement, the police said Cao was working at UOB when she allegedly accessed and conducted queries on the bank's electronic customer database without authorisation.

She is said to have accessed the information of more than 3,300 customers.

She is also accused of disclosing the information of over 1,100 customers to somebody claiming to be from the "Shanghai police".

According to court documents, the information includes their names and nationalities as well as telephone and bank account numbers.

The police statement said officers from the Commercial Affairs Department conducted investigations after Cao made a police report claiming that she had fallen prey to a China officials impersonation scam.

Responding to queries from The Straits Times yesterday, UOB said it has dismissed Cao.

"We are very sorry that 1,166 customers were affected," said a spokesman for the bank.

"At UOB, we have zero tolerance for any behaviour that breaks the trust our customers place in us. We acted promptly to protect our customers and to support the authorities in their investigations.

"Upon detection, we stepped up our monitoring of the affected accounts and we were in regular contact with customers to ensure that their accounts remained secure. Our multi-layer security measures kept the affected customers' accounts safe from the people behind this scam."

Under the Computer Misuse Act, any person who commits the offence of unauthorised access of computer material can be jailed for up to two years and fined up to $5,000 on each charge.

Under the Banking Act, a person convicted of an offence of unauthorised disclosure of customer information can be jailed for up to three years and fined up to $125,000 on each charge.