In the advent of modern technology, a good bulk of our personal information can be securely stored and accessed online. This is especially true in the case of government agencies that have now digitised a number of their operations while maintaining a repository of user data in servers. And while cybersecurity experts work to keep this data safe at all times, it would now seem that a recent leak from the National Registration Department (JPN) has left the data of over 22.5 million adult Malaysians at risk.
Hacker claims to have data of 22.5 million Malaysians for sale
This comes after a report from local site Amanz has claimed that the information, which comes in at a total of 160GB, is being offered for sale by a hacker for the handsome sum of US $10,000 (RM43,885) in cryptocurrency. The data includes 22.5 million rows with data attributes containing MyKad numbers, full names, dates of birth, home addresses, gender, religion, and registered phone numbers of any individual born between 1940 to 2004.
And while Amanz had initially reported that the listing was offered through the Dark Web, a search conducted by LowYat.net has revealed that it was in fact listed on what has been described as a ‘well-known database marketplace’.
What makes this more spine-chilling is the fact that the hacker in question has even shared personal details of the current Home Minister, Datuk Seri Hamzah Zainudin, obtained through the database as ‘proof’ of its veracity. During a similar data leak that occurred last year involving 4 million Malaysians, Zainudin had vowed to step-up cybersecurity measures to prevent such breaches.
Over 800,000 selfies of MyKad holders also available for sale
The database was said to have been obtained via the myIDENTITY API, which LowYat.net explains as a data-sharing platform developed for use in the public sector, which enables various agencies to obtain user information from a centralised repository as and when it is needed. This was the same exploit used in last year’s alleged leak.
The same seller had also offered a database containing electronic Know Your Customer (eKYC) images of 802,259 Malaysians pilfered from the Elections Committee for sale, at a price of US $2,000 (RM 8,790.00).
As of present, no formal statement has been issued by the National Registration Department or the Home Ministry concerning the alleged leak.
Tap here to give us a ‘Like’ on Facebook and stay up-to-date on the latest news!