7 people, 19-32, arrested over unauthorised attempts to change addresses on ICA e-service

Six men and one woman, aged between 19 and 32, have been arrested in relation to a series of unauthorised attempts to change registered residential addresses through the Immigration & Checkpoints Authority’s (ICA) electronic change of address (eCOA) service.

The eCOA service allows Singapore citizens and permanent residents to report a change of residential address to ICA online.

Believed to be responsible for at least 30 attempts to change residential addresses

According to a press release by the Singapore Police Force (SPF), the arrests occurred after ICA revealed on Jan. 11 that perpetrators were using stolen or compromised Singpass accounts to fraudulently change the addresses of victims.

As of Jan. 13, investigations uncovered 87 unauthorised attempts to change registered residential addresses, with 69 address changes successfully executed.

Of these 69, the perpetrators had gained control of 17 Singpass accounts.

The seven people arrested are believed to be responsible for at least 30 of the attempted unauthorised changes to residential addresses.

Affected individuals have been contacted

ICA suspended the eCOA service on Jan. 11.

Following the suspension, ICA sought to contact all 87 affected individuals to inform them of the attempted change to their registered address.

House visits were made to those who were uncontactable by phone.

In addition, regardless of whether the attempt to change their address was successful for all 87 cases, ICA is facilitating a replacement of their identity card, and restoring their registered address in the agency's database to their legitimate one.

The Singpass accounts linked to all the 87 cases have also been reset or suspended.

ICA and GovTech are also working together to assist the 17 users whose Singpass accounts had been compromised.

ICA added that the police and GovTech have been contacting relevant government agencies and private sector services, such as banks and telcos, which the perpetrators might have accessed using the compromised Singpass accounts, to ensure that appropriate remedial or preventive actions are taken.

eCOA service partially resumed on Jan. 14

The "Myself" module of the service was resumed again on Jan. 14, 2025, with additional security measures implemented.

Individuals accessing the “Myself” module will now be required to perform an additional face verification when logging in using their Singpass account.

The "Myself and my family members" and "Others" modules remain suspended.

All seven suspects being investigated

Six of the the suspects are being investigated for alleged offences under the Computer Misuse Act 1993, for unlawful disclosure of access codes.

One suspect is being investigated under the Computer Misuse Act 1993, for unlawful disclosure of password or access code in relation to Singpass.

Some of the suspects are also being investigated by ICA for alleged breaches of Regulation 20(a) of the National Registration Regulations.

The offences under the Computer Misuse Act 1993 carry a jail term of up to three years, a fine of up to S$10,000, or both.

A breach of Regulation 20(a) of the National Registration Regulations carries a jail term of up to two years, a fine of up to S$3,000, or both.

Police investigations to identify the other perpetrators are still ongoing.

Top photo via Google Maps