Cybersecurity Incident in Singapore Transport and Water Project

Ongoing investigations into a cybersecurity incident involving a company engaged in transport and water projects in Singapore.

Cybersecurity Incident in Singapore Transport and Water Project
Cybersecurity Incident in Singapore Transport and Water Project

Authorities in Singapore are conducting an investigation into a cybersecurity incident involving Shanghai Tunnel Engineering, which is engaged in the Gerong Regional Transport Line project and the new water plant in Changi. The Land Transport Authority (LTA) confirmed that there is no impact on ongoing construction activities.

As a precautionary measure, the authority has suspended the company's digital access to its systems. The authority reported that it has notified the police and relevant regulatory bodies about the incident, without providing additional details regarding the nature of the data involved.

Details of the Incident

The Public Utilities Board (PUB) clarified that no sensitive data related to the new water plant in Changi has been compromised. It indicated that the data affected by the breach pertains to project tender documents, which are publicly available through the government procurement portal GeBIZ.

The authority also confirmed that Shanghai Tunnel Engineering does not have access to the authority's digital systems. The incident was revealed after reports were received about internal company data being compromised, with screenshots sent to the media showing files related to financial information such as cash flows and payments.

Background & Context

The Gerong Regional Transport Line project, which is the seventh in Singapore's subway network, is part of the country's transportation infrastructure development plan. The project contract was awarded in 2019 for an amount reaching SGD 465.1 million.

The new water plant in Changi is an advanced facility for water recycling, with its contract valued at SGD 205 million awarded in November 2025 to Sanli M&E Engineering, which formed a partnership with Shanghai Tunnel Engineering.

Impact & Consequences

This incident highlights the importance of cybersecurity in major projects, especially those related to critical infrastructure such as transport and water. Any vulnerabilities in this area could lead to serious repercussions for data integrity and the reliability of services provided to citizens.

Investigations by the authorities continue to determine the extent of the incident's impact, which may affect the reputation of the companies involved and their future operations. Additionally, this incident could prompt other companies to enhance their cybersecurity measures to avoid similar situations.

Regional Significance

Cybersecurity incidents are a concern for all nations, including Arab countries, where reliance on technology is increasing across various sectors. Arab nations should learn from this incident to strengthen their cybersecurity strategies, particularly in infrastructure projects.

In conclusion, this incident reflects the necessity for effective strategies to protect data and information, contributing to building trust in major projects and ensuring the continuity of vital services.

What is Shanghai Tunnel Engineering?
A company specialized in building transport and underground spaces, involved in major projects in Singapore.
What is the Gerong Regional Transport Line project?
A project aimed at developing the subway network in Singapore, considered the seventh in the country.
How can cybersecurity be enhanced in major projects?
By implementing effective strategies and training employees on how to handle cybersecurity threats.

· · · · · · · ·