KUALA LUMPUR, Nov 1 — The Communications and Multimedia Ministry has identified possible suspects behind the theft and attempted sale of information belonging to tens of millions of Malaysians.
Minister Datuk Seri Salleh Said Keruak said the information was gleaned following meetings with the affected telecommunications operators this week.
“We have identified several possible sources of the leaks and will resolve this matter in the nearest possible time,” he told reporters when met in Parliament today.
However, Salleh refused to divulge further details on the possible suspects.
Separately, a ministry source revealed that the attack on virtually all local telcos and mobile virtual network operators as well as the databases of the Malaysian Medical Council, the Malaysian Medical Association and the Malaysian Dental Association may have been launched from abroad.
News about an alleged leak first emerged in a report titled “Personal data of millions of Malaysians up for sale, sources of breach still unknown”, published on the Lowyat.net technology news site on October 19.
None of the breaches are recent, however, with information suggesting that these may trace back at least as far as 2014.
The report claimed that the personal data of millions of Malaysians from the databases of an online recruitment portal and medical associations, as well as over 50 million records of customer data from various telcos, were up for sale online.
The information taken from telcos reportedly included customer names, billing addresses, mobile numbers, and identity card (IC) numbers.
The article was removed under Malaysian Communications and Multimedia Commission’s (MCMC) instructions on October 19 soon after it was published. The regulator later explained in a statement that the order to take down the report as a “preventive measure”.
Lowyat.net then restored the original article on October 20 with MCMC’s approval.