Maybank which was one of the alleged targets of a data breach has issued a statement that the allegations are not true. After conducting an investigation with a third party, it confirms that the data leak allegations are false.
Here’s Maybank’s statement in full:
Following the conclusion of our investigation into the allegation by a third party regarding a purported customer data leak, Maybank can confirm that these claims are false. The Bank would like to reassure its customers that their data remains secure and private and that no customer data has been compromised. Maybank will continue to prioritise its cyber security and data protection measures as customer data protection is of utmost importance to the Bank.Maybank
Maybank has assured that their data remains secure and private and no customer data has been compromised. It reiterated that it will continue to prioritise cyber security and data protection measures.
Based on the sample data provided by the seller in an online forum, the alleged “Maybank” database containing 1.8 million records includes name, an undefined 12-digit number, phone number and full address. There are no payment or login details such as usernames, passwords or card numbers.
On Friday, the Communications and Digital Ministry issued a statement stating that the “leaked” database contained invalid Maybank account numbers. As a result, whoever has the full list is not able to make any transaction using the listed 12-digit numbers. The Ministry is still investigating the data breach situation through the Personal Data Protection Department with the support of CyberSecurity Malaysia. The Malaysian Communications and Multimedia Commission (MCMC) has been instructed to block the website which offered the database.
The minister, Fahmi Fadzil, says personal data protection is a key issue that he wishes to tackle. In a tweet, he said he will be sitting down with the Personal Data Protection Department (JPDP) next week to go through the proposed amendments to Act 709.
Astro has also launched its own investigations into the data breach allegations and has earlier issued a statement that none of its customer information that they hold has been breached. However, Telekom Malaysia has confirmed that personal data belonging to approximately 250,000 Unifi Mobile customers have been breached which contained their names, email addresses and phone numbers. Affected customers have been notified by email.
- Fahmi Fadzil: Alleged leaked database contains invalid Maybank account numbers
- Maybank investigates data leak allegations, no data breach detected so far
- Database of 13 million Malaysians allegedly obtained from Maybank, Astro and SPR is sold online
- TM confirms data breach involving 250,000 Unifi Mobile customers