TM data breach exposes personal details of Unifi customers, including IC and contact number

Earlier today (12 July), we began seeing a number of Unifi customers reporting that they received emails and text messages supposedly from Unifi, stating that a data breach had occurred and that some personal information of select Unifi users had been exposed. Telekom Malaysia (TM) has now issued a statement in response to the incident, confirming that a data breach had occurred as well as the scale of the breach.

According to TM, the data breach involves historical Unifi customers’ personal information. This includes their name, identification and/or passport number as well as contact details. However, TM notes that no financial information had been exposed. TM also adds that the breach has already been contained, and that they’re taking extra steps to protect its data. This includes having reported the matter to the authorities, such as the National Cyber Coordination and Command Center, the Department of Privacy and Data Protection and the Malaysian Communications and Multimedia Commission.

The telco has been sending out notifications to impacted customers too, informing them of the data breach as well as to be wary of any attempts by bad actors to phish for their data or to scam them. If you’re a Unifi customer yourself, you might want to check your email inbox or spam to see if you’re impacted by this latest data breach.

This is now the second data breach TM has suffered in just over half a year. In late December last year, TM had revealed that they were the victim of a data breach that saw 250,248 Unifi Mobile customers affected, with customer names, phone numbers and emails leaked out onto an online forum.

You can read TM’s full statement below:

TM confirmed recently of a data breach involving historical Unifi customers’ personal information that includes name, national identification/passport number and contact details. No financial information was impacted.

The company confirms that the breach has been contained and proactive steps have been taken to protect the data across its platforms. It has sent out notifications to customers informing them of the data breach and to be wary of phishing tactics including online scams, suspicious links and unsolicited phone calls.

TM has also reported this matter to the relevant authorities (National Cyber Coordination & Command Centre (NC4); Department of Privacy & Data Protection (JPDP); & the Malaysian Communications & Multimedia Commission (MCMC)).

TM assures all its customers that its Unifi services remain fully operational with no impact to its users.