Data breach that effects 46.2 million Malaysian user log-ins was known back in February

Photo: Pixabay
Photo: Pixabay

When a rumor began on popular message board on October 20 regarding a massive security breach affecting 46.2 million (more than the population of the country) Malaysians’ personal data, everyone, including their second secret mobile, was decidedly concerned that it could include them.

Then a week later, the Communication and Multimedia Ministry confirmed that information that included email addresses, login credentials and IC numbers was indeed leaked, and said they would be investigating how such a massive sensitive data dump could happen. Also, change your passwords, and get with that two-step log-in process.

Today, we learn that one of the groups that had their security compromised, the Malaysian Dental Association (MDA), knew about the leak of personal details back in February. CyberSecurity Malaysia, and Malaysia Computer Emergency Response Team (MyCERT), hired to protect their digital networks, were alerted by a foreign security organization, that their members’ login credentials had been decoded.

They were able to pass the information along to their users, reset passwords, and amp up their digital security.

MyCERT followed-up with investigations and found that MDA’s host server had been hacked, and quickly changed their server to another provider, without further ado. They also upgraded their firewall.

Worryingly, after looking into the matter, CyberSecurity Malaysia concluded that MDA’s security was breached as far back as five years ago.

Another group that was cyber attacked was the Malaysian Medical Association (MMA). Speaking to The Malay Mail, they said that they had been unaware of any data theft until the thread began to gain traction on lowyat on October 19. However, upon hearing the news, they also have taken action to increase their cyber security.

The lowyat story gained wide public awareness two weeks ago, when a mysterious thread appeared claiming that several Malaysian telcos were involved in extensive security breaches of customer personal data. Operators like DiGi, Celcom, Maxis, Tunetalk, Redtone and Altel have all been affected.

The Communications and Multimedia Ministry is currently investigating possible suspects behind the theft, has said they have already found people of interest.

Paywall: You’re outta here, Coconuts stories are free for all

We have removed our paywall on all Coconuts stories. This does not mean the end of COCO+ Membership at all, but the value proposition is changing.

Rather than being a transactional subscription – whereby you pay for access to content – it is now a true membership program – whereby Coconuts stories are free for everyone but super-fans can monetarily support our independent journalism, and get added member benefits.

If you'd like to support Coconuts, you can become a COCO+ Member for as little as US$5 per year. Thank you!



Leave a Reply

Coconuts TV
Our latest and greatest original videos
Subscribe on

Send this to a friend