Malaysian payment gateway platform iPay88 suffers data leak, card data may be compromised

If you typically use contactless payment methods, chances are that you’ve used iPay88 even without realising it. iPay88 is one of Malaysia’s biggest payment gateway platforms, providing point-of-sale solutions for plenty of merchants throughout Malaysia and the region.

As such, it’s understandably quite worrying to know then that iPay88 has suffered a cybersecurity breach, and that customer card data may have been compromised. They then state that, once they had found out about the issue on 31 May, they began investigating it and got cybersecurity experts to deal with the matter. iPay88 also stated that there’s been no further suspicious activity since 20 July, and that there’s new measures in place to prevent further incidents. On top of that, they’re already working together with the authorities over the issue too.

Among the major companies listed as iPay88 merchants include Shopee, KK Mart, Senheng, SenQ, Nandos, Machines, and more.

Here’s their statement in full:

“iPay88 would like to report that there was a cybersecurity incident where card data may have been potentially compromised.

Upon discovery of the issue, we immediately initiated an investigation on 31 May 2022 and brought in cybersecurity experts to contain the issue. The containment process was successfully completed and no further suspicious activity has been detected since 20 July 2022.

To ensure the continued safety of the card data, we have implemented various new measures and controls to strengthen the system’s security against any further incidents. The investigation is currently ongoing and we are working closely with the authorities and relevant parties on this matter. More updates and detailed findings will be shared in due course.

All financial institution partners have been informed and kept up to date. We will continue to monitor the situation closely and ensure the safety of the cardholder data,” – iPay88 statement

However, their statement has raised more questions than answers. For starters, iPay88’s statement did not reveal just how many customers and merchants were affected by this data breach. Furthermore, Lembah Pantai MP Fahmi Fadzil also wants to know why, despite having known of the breach back in May, did it take iPay88 this long to make the matter public. Furthermore, despite knowing of a data breach happening at least some time in May and lasting till July, they were still organising events, campaigns and promotions, such as partnering with Atome and taking part at the PJ Startup Festival 2022 while customers remained in the dark.

iPay88 was first founded back in 2000 in Malaysia by Chan Kok Long, Lim Kok Hing and Chong Lee Kean. They have a presence in seven countries across the continent, and would be acquired by NTT Data, a Japanese system integration company, in 2015.

Recent Posts

What is it like washing your clothes in a RM12,999 washing machine? | Samsung Bespoke AI Laundry Combo™

This post is brought to you by Samsung. This is the Samsung Bespoke AI Laundry…

23 hours ago

Dongfeng Box Malaysia: 94hp compact EV with up to 310km of range, priced from RM101k

Dongfeng Box is now officially available in Malaysia. Launched in partnership with Central Auto Distributors…

1 day ago

Nissan Kicks e-Power now open for booking in Malaysia, priced below RM130,000

Edaran Tan Chong Motor (ETCM) has announced that the Nissan Kicks e-Power is now open…

1 day ago

TikTok, Content Forum and UiTM empowers students with Digital Literacy to promote a safer digital space

TikTok in partnership with Communications and Multimedia Content Forum of Malaysia (CMCF) have recently organised…

1 day ago

Tesla owners in Malaysia can finally use the Autopark feature

Tesla owners in Malaysia have reported that their vehicles can now perform the Autopark feature.…

1 day ago

Asus ROG Phone 9 series launching in Malaysia on 10th December 2024

After unveiling its latest smartphones, the Asus ROG Phone 9 series, to the world, Asus…

1 day ago

This website uses cookies.