Malaysia Data Breach Comprises 46.2M Mobile Numbers

A massive cybersecurity breach is reported to have compromised personal data of 46.2 million mobile numbers in Malaysia, exposing details such as home addresses and SIM card information.

The breach affected both postpaid and prepaid numbers as well as subscribers from all major mobile carriers in the country, including Maxis, Altel, Digi, and Celcom, according to Lowyat.net. The local website earlier this month said it received information that personal data linked to millions of Malaysians were being peddled online.

Apart from customer data from local telcos, it added that the information included those that belonged to various websites such as Jobstreet.com, Malaysian Medical Association, and Malaysian Housing Loan Applications. Leaked data from Jobstreet.com, for instance, contained the candidate's login name, nationality, and hashed passwords.

Timestamps in the compromised data suggested that the breach occurred between 2014 and 2015, said Lowyat.

Commenting on the breach, Darktrace's Asia-Pacific managing director Sanjay Aurora said such "low and slow" attacks could lay stealthily in networks for years without anyone noticing. He added that traditional defense tools would not be able to identify and block such attacks.

"Lateral movements are incredibly difficult to catch, with attackers spending an average of 260 days in a network before striking," Aurora explained. He pointed to the need for machine learning tools that could learn on-the-job and dynamically tweak its analysis based on new information.

"Alongside this, there needs to be a cultural change," he added, stressing the need to stop victim-blaming so businesses would not fear coming forward.Lowyat

Lowyat said it had handed the information to industry regulator, Malaysian Communications And Multimedia Commission, which later released a statement confirming it was investigating the incident.

According to local reports, Communications and Multimedia Minister Datuk Seri Salleh Said Keruak said the police also was involved in the investigation.

Malaysia has a population of some 31.2 million, so some subscribers likely will hold more than one compromised mobile number. The report added that the list may contain inactive numbers as well as temporary ones issued to visitors to the country.

RECENT NEWS

Big Techs Spending Soars With Data Centre Boom

The rapid expansion of data centres has turned Big Tech into big spenders. As companies strive to meet the growing deman... Read more

SEC's Oversight Over Digital Assets: Balancing Regulation And Innovation

As the digital asset market continues to expand, regulatory agencies like the Securities and Exchange Commission (SEC) a... Read more

Harnessing AI To Combat Cyber Risk: Strategies For Financial Institutions

Cyber threats pose an ever-present danger to financial institutions, requiring robust strategies to mitigate risks effec... Read more

Adaptation And Innovation: Revolut's Response To Banking License Delay Through Advertising Sales Push

As Revolut eagerly awaits the acquisition of its banking license, the fintech giant has demonstrated remarkable adaptabi... Read more

Riding The Wave: The Evolution Of Fintech Investment Strategies

The fintech industry has experienced unprecedented growth in recent years, captivating the attention of investors worldw... Read more

How Fintech Is Revolutionizing Traditional Banking

How fintech is revolutionizing traditional banking is a topic that is garnering positive and immense discourse within th... Read more