MCMC orders to remove report on major data breach

Modified 20 Oct 2017, 3:06 am

The Malaysian Communications and Multimedia Commission (MCMC) has ordered to remove a report of what the technology portal claimed was one of the country's biggest data breaches in history.

Around two hours after the report titled "Personal data of millions of Malaysians up for sale, sources of breach still unknown" was uploaded this evening, removed the story.

It was replaced with the message stating: "MCMC has requested the removal of this article. We are still awaiting an official statement from them"., in its initial report, said it received a tip-off that someone was selling huge databases of personal details belonging Malaysians.

The portal said it was initially sceptical and thought the attempted sale was a scam but discovered, upon investigation, it could be "one of the biggest data breaches ever in Malaysian history".

Among the data on sale was 50 million entries of data from various telcos.

It said the data included customer names, billing addresses, mobile phone numbers, sim card numbers, handset models and MyKad numbers of customers.

It added the data breach was believed to have occurred between 2012-2015.

Other data on sale were 17 million rows of customer information from a jobs portal.

The data included candidate's name, login name, hashed password, email address, nationality, address and mobile phone number.

It added this particular set of data was likely to have been obtained between 2012 to 2013.

Apart from these, there were also two sets of 20,000 and 62,000 data of doctors respectively, obtained from medical associations and 720,000 entries of housing loan applications.

The doctors' data included MyKad numbers, operating address and mobile numbers.

The housing loan application data contained information such as name, MyKad number, contact number, email address, blacklist status, address, job, employer details, salary and spouse's details.

Malaysiakini has contacted the MCMC for comment and is awaiting a response.

Share this story


By posting a comment, you agree to our Terms & Conditions as stipulated in full here


Foul language, profanity, vulgarity, slanderous, personal attack, threatening, sexually-orientated comments or the use of any method of communication that may violate any law or create needless unpleasantness will not be tolerated. Antisocial behaviour such as "spamming" and "trolling" will be suspended. Violators run the risk of also being blocked permanently.


Please use the report feature that is available below each comment to flag offending comments for our moderators to take action. Do not take matters in your own hands to avoid unpleasant and unnecessary exchanges that may result in your own suspension or ban.