SINGAPORE - All four major telcos in Singapore came under attack by a state-sponsored cyber espionage group UNC3886,

whose activities to disrupt critical services in Singapore were first made public in July 2025

Revealing for the first time on Feb 9 that Singtel, StarHub, M1 and Simba Telecom were the targets, Minister for Digital Development and Information Josephine Teo said: “Our investigations show that the attacks by UNC3886 were a deliberate, targeted and well-planned campaign against our telecommunications companies.”

Mrs Teo was speaking at an event honouring the efforts of cyber defenders against UNC3886 at the Cybersecurity Agency of Singapore (CSA)’s office in Punggol Digital District. 

Investigations showed that the attackers were able to extract a small amount of technical data. While they had accessed a few critical systems, they did not get far enough to disrupt services, she said.

The Infocomm Media Development Authority (IMDA) and CSA said that the most sensitive and critical systems such as 5G networks were locked away separately, and were not compromised. 

Even though no sensitive data was seen or exfiltrated, Mrs Teo said that the attacks cannot be taken lightly.

”First, they were more capable of accessing sensitive information for espionage. Second, they could deploy more tools to disrupt telecoms and internet services. Everything that requires a phone or internet connection would then be affected,” she said.

“The knock-on effects of their campaign could also have included other essential services like banking and finance, transport and medical services,” added Mrs Teo, who is also Minister-in-charge of Cybersecurity and Smart Nation in Singapore.