It was reported that yesterday, a database leak that contained four million data entries belonging to Malaysians was put on sale for RM35,500 at a well-known marketplace forum. The leaked database reportedly involved the National Registration Department (JPN) as well as the Inland Revenue Board (LHDN).
The seller claimed that the data was from JPN but acquired through LHDN’s website using myIDENTITY’s API and it was listed on the marketplace for 0.2 BTC.
LHDN has now since issued a statement and refuted the claim that its website was the source of the database leak and insisted that it was merely just a user of myIDENTITY but does not own the platform.
In their statement, they insisted that all of the data and information under its custody is safe and protected by “recognised data security technology”.
Furthermore, the board revealed that its own internal investigation showed that there was no leak of data and information at its end. They are currently working together with JPN, NACSA, and the National Security Council to go through all the possibilities in regards to the said database.
It was also reported by BERNAMA that the Royal Malaysian Police (PDRM) have begun to investigate the database leak. According to the Director of PDRM’s Commercial Crime Investigation Department, CP Mohd Kamarudin Md Din, a police report regarding the incident has been filed at Putrajaya by the Deputy Director of JPN and the case is currently being investigated under Section 4(1) of Computer Crimes Act 199.
CP Kamarudin said that a thorough investigation will be carried out in collaboration with the Malaysian Communications and Multimedia Commission, CyberSecurity Malaysia, and National Cyber Security Agency (NACSA).
PDRM has also reportedly made the first move by attempting to block the sale of the database but the listing appears to still be on the marketplace forum as of 10.00 am today (29 September).
How did this all start?
The issue was first highlighted by local Intrusion Analyst, Adnan Shukor, via a Twitter post. He noted that the important information of Malaysians such as their full name, NRIC number, mailing & permanent addresses, mobile number, and e-mail address were all included as part of the data. To make matters worse, there are also images present in the database which was grouped according to each individual’s birth year, ranging from 1979 to 1998.
The data was said to be in 19 different files and sample images of the database provided by the seller showed the information of about 60 individuals which contained all of their personal information.
The seller which according to their profile is based in, Puchong, Selangor, claimed that the total data is of four million Malaysians which is equal to 31.8GB. They also claimed that it was leaked via myIDENTITY API, which is essentially the national data-sharing platform for the public sector that allows government agencies to obtain one’s personal details from a centralised repository. 10 agencies including both JPN and LHDN are currently linked to the platform which first went live in June 2012.
Worryingly enough, there have been a number of inquiries to the listing by potential buyers.
We hope that the listing gets brought down promptly and that a complete investigation is conducted on how the database was leaked in the first place. Let us also do our part to keep our data safe from potential leaks such as this.
What do you think of this? Let us know in the comments.
Sarawak To Establish Its Own Sovereign Wealth Fund, Hopes To Replicate Norway’s Success
Sarawak Premier Tan Sri Abang Johari Tun Openg has announced that the territory is currently in serious talks with Norway...
MAVCOM: Airlines MUST Resolve Consumer Complaints & Provide Reimbursements Within 30 Days
The Malaysian Aviation Commission (MAVCOM) has stressed that the Malaysian Aviation Consumer Protection Code (MACPC) requires airlines to resolve consumer...
UK Court Rules That Calling Men ‘Bald’ at Work Will Now be Considered as Sexual Harassment
When it comes to verbal sexual harassment, what often comes to mind is someone making inappropriate comments about someone else’s...
Can’t Wait To Go Clubbing? Here Are The SOPs Nightclub Operators & Patrons Must Follow!
It was recently announced that nightclubs would be able to reopen starting 15 May (Sunday). The National Security Council (MKN)...
Spain to Become 1st Western Country to Offer Menstrual Leave of Up to 3 Days Per Month
Most women have abdominal cramps, backaches, headaches, nausea, diarrhea which are all common symptoms of menstruation every month. This can...
Kelantan’s Dept MB Claims That The State Has a Lot of Water, But Nowhere to Store it
Every so often, the country faces a water shortage due to a myriad of different reasons. Several states have grown...
North Korea Reports First Covid Cases, Kim Jong Un Orders National Lockdown
North Korea confirmed its first-ever Covid cases on Thursday (12 May) and declared a “serious emergency”, with leader Kim Jong...
JUST IN: Malaysia Will Host The 34th SEA Games In 2027!
After both Malaysia and Indonesia had expressed interest in hosting the sporting event, Malaysia has ultimately been chosen to host...
Social Stories20 hours ago
Mall Urges Anime Fest Visitors To Opt For Other Transportation Options As Car Park Occupancy Gets Full
Social Stories17 hours ago
Steven Sim Buys Motorcycle For A M’sian To Start Her New Life After 20 Years Of Being Stateless
Social Stories18 hours ago
WATCH: Video Of Selfish Car Driver Refuses To Give Way To Ambulance
Social Stories20 hours ago
Economy Minister Warns Against Najib’s Proposal For Petronas To Take Over Sapura