Police to investigate alleged security breach and sale of personal data of nearly 4 million Malaysians

The Royal Malaysian Police have opened an investigation paper on the alleged security breach involving personal data of nearly 4 million Malaysians. An individual had recently posted on a forum that a database containing names, addresses, phone numbers, IC numbers and photos is up for sale for 0.2 BTC (about RM35,000). It was alleged that the data was obtained from the National Registration Department (NRD) and Inland Revenue Board (IRB) through MyIdentity API.

Bukit Aman Commercial Crime Investigation Department director Datuk Mohd Kamarudin Md Din said that an investigation was launched after the NRD’s deputy director had lodged a police report at Presint 7 police station in Putrajaya yesterday. The police are obtaining a report from the NRD’s information technology division and they will inspect systems of both NRD and IRB to determine the source of the alleged leak. The case will be investigated under Section 4 (1) of the Computer Crimes Act 1997.

According to the CCID director, they do not rule out the possibility of the involvement of insiders and they are conducting a thorough investigation with the Malaysian Communications and Multimedia Commission, CyberSecurity Malaysia and National Cyber Security Agency (NACSA). The police are also taking necessary action to stop the sale of the database to prevent the situation from becoming worse.

The IRB has released a statement today denying reports of security breach on their website through the MyIdentity API. It clarified that IRB is merely a user and they do not own the MyIdentity system. It added that internal checks revealed that there’s no breach of information or leak as alleged and they are working closely with the NRD, NACSA and National Security Council to look into all possibilities of the allegation.

The statement also said that they regretted the allegation as it may erode public trust on their data security. They also urged users to be careful about sharing such reports which could be created by certain irresponsible parties with the intention to confuse and mislead the public. It assured that all personal data stored by the IRB are safe and protected with certified data security technology.

[ SOURCE, IMAGE SOURCE ]

Recent Posts

Prime Minister’s Department: Over 1,500 cyberattacks launched at ministries’ infrastructure systems

There have been over 1,500 cases of cyberattacks launched against Malaysian ministries' infrastructure systems in…

3 hours ago

Malaysia’s largest DC charging hub is opening soon at Iskandar Puteri, Johor

DC Handal is expected to unveil what appears to be Malaysia's largest EV charging hub…

19 hours ago

Realme GT 7 Pro coming to Malaysia as first smartphone with Snapdragon 8 Elite chip, launching 18th November

Realme has debuted its latest flagship smartphone, the Realme GT 7 Pro in China, featuring…

19 hours ago

Malaysia to kill off NGVs in 2025 due to safety concerns

Malaysia will ban natural gas vehicles (NGVs) on 30 June 2025. Subsequently, no new natural…

21 hours ago

Is your iPhone 14 Plus having camera issues? Apple has a solution for you

Apple has launched a service program for the iPhone 14 Plus where certain units fail…

22 hours ago

U Family 128: U Mobile offers 1000GB shared data with 4 lines and free roaming for RM128/month

U Mobile has introduced its new U Family 128 offering, a new family plan which…

1 day ago

This website uses cookies.