Mil­lions of Malaysian phone users’ per­sonal data stolen, re­port says

China Daily (Canada) - - WORLD -

KUALA LUMPUR — Home ad­dresses and iden­tity num­bers, among other de­tails of 46.2 mil­lion mo­bile phone sub­scribers, nearly the en­tire pop­u­la­tion of Malaysia, may have been com­pro­mised, lo­cal me­dia re­ported on Tues­day.

It was be­lieved to be the largest data breach in the coun­try, lo­cal me­dia said.

On­line tech­nol­ogy site lowyat.net said the hack­ers have the home ad­dresses, iden­tity card num­bers, SIM card in­for­ma­tion and pri­vate de­tails of al­most the en­tire Malaysian pop­u­la­tion of 32 mil­lion. Many Malaysians have sev­eral mo­bile num­bers.

The site con­firmed that those num­bers were leaked on­line, in a fol­low-up re­port on its Oct 19 alert that some­one was try­ing to sell the data from a huge breach in 2014.

In ad­di­tion, 81,309 records from the Malaysian Med­i­cal Coun­cil, the Malaysian Med­i­cal As­so­ci­a­tion and the Malaysian Den­tal As­so­ci­a­tion were also ex­posed, the tech site said.

Com­mu­ni­ca­tions and in­ter­net reg­u­la­tor, the Malaysian Com­mu­ni­ca­tions and Mul­ti­me­dia Com­mis­sion, has said it is in­ves­ti­gat­ing the breach with the po­lice.

The probe is be­ing led by the Depart­ment of Pri­vate Data Pro­tec­tion, an agency un­der the Min­istry of Com­mu­ni­ca­tions and Mul­ti­me­dia.

Founder of lowyat.net, Vi­jan­dren Ra­madass, said that the site’s team fol­lowed the on­line trail left by the in­di­vid­ual who tried to sell the data and dis­cov­ered that the in­for­ma­tion was al­ready avail­able for down­load for free.

“We have dis­closed the com­plete de­tails to the MCMC,” he said, adding that he be­lieves tel­cos should admit the breach oc­curred and ad­vise their cus­tomers on the next steps.

The MCMC has held meet­ings with lo­cal tel­cos to en­sure that they are aware of the leak and will give full co­op­er­a­tion to in­ves­ti­ga­tors.

Cy­ber se­cu­rity an­a­lysts said the hack­ers could make Malaysia vul­ner­a­ble to phone scam at­tacks.

“Scam­mers (could) pre­tend to be some­one call­ing or tex­ting from the telco since they can prove they have the tar­get’s per­sonal de­tails,” net­work and se­cu­rity strate­gist Gavin Chow was quoted as say­ing.

Other users could be tricked into trans­fer­ring their money or in­stalling “telco ap­pli­ca­tions” con­tain­ing mal­ware or spy­ware. Th­ese could be used to ex­ploit the tar­get in the fu­ture.

Chow said users need to be alert when re­ceiv­ing calls and mes­sages from strangers. “Do not get tricked into shar­ing more per­sonal de­tails, trans­fer­ring funds or in­stalling apps.”

Di­nesh Nair, a tech­nol­ogy strate­gist, said there was not much that con­sumers could do. But they might want to change their SIM cards be­cause the hack­ers have stolen IMSI and IMEI data — elec­tronic iden­ti­fiers unique to each phone which are em­bed­ded into a SIM card.

“I’m sure my data is there as well. Peo­ple with re­ally good tech­ni­cal skills will be able to clone some­one’s phone and that’s the worst-case sce­nario,” he said.

ROSLAN RAH­MAN / AFP

Frag­ment Room em­ploy­ees smash bot­tles in a “rage room” in Sin­ga­pore, in which cus­tomers can take out their stress on items such as bot­tles and tele­vi­sions.

Newspapers in English

Newspapers from China

© PressReader. All rights reserved.