Minister: MCMC may have identified sources of massive data breach

salleh-phone-mcmcKUALA LUMPUR: The Malaysian Communications and Multimedia Commission (MCMC) has identified the possible sources of the recent massive personal data breach that hit virtually all the 46 million mobile subscribers in Malaysia, said Salleh Said Keruak.

The minister of communications and multimedia said this conclusion resulted from discussions held yesterday between MCMC and the Malaysian mobile operators.

He added that investigation of the matter by MCMC and the police would be completed as soon as possible.

The data breach was first discovered by Malaysian technology news website Lowyat.net, after it was informed that someone was trying to sell huge databases of personal details for an undisclosed amount of Bitcoin on its forums.

Sources told FMT that the seller used an Internet Protocol address based overseas.

Lowyat.net founder Vijandren Ramadass had reportedly said it informed MCMC on Oct 18 of the breach and then uploaded an article on the theft after MCMC did not provide any feedback.

MCMC initially made the website take its story down.

However, the MCMC confirmed the data breach a day later in a press statement released on Facebook, and then on Oct 23 confirmed that 46.2 million mobile subscribers were affected by the data breach.

Salleh told the Dewan Rakyat there was a “miscommunication” between Lowyat.net and MCMC on the issue at the initial stage which led to the removal of the article on the breach.

However, he added that the miscommunication was settled amicably.

The breach resulted in the private details of almost the entire population, ranging from home addresses and MyKad numbers to SIM card information being exposed to the risk of falling into the wrong hands.

Reports said that 81,309 records from the Malaysian Medical Council, Malaysian Medical Association (MMA) and Malaysian Dental Association were also leaked.