Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
Technology website Lowyat.net reportedly discovered a huge Malaysian data breach that saw millions of people have their personal data stolen and leaked on the dark web.
The information was apparently taken from multiple Malaysian mobile phone operators, as well as the Malaysian public sector and commercial company websites.
With over 46 million confirmed records breached, this is one monumental data incident.
The mobile operators affected are said to be:
The leaked information from the mobile phone operators reportedly included:
The huge amount of information breached meant it has been difficult to know when the breach occurred. It may have happened anywhere from 2012 to 2015. There could have also been more than one breach, with the plunder merged into one giant database.
Lowyat.net was the first to find out when it was informed that someone was trying to sell on huge amount of personal information in exchange for Bitcoin on their forums.
Recruitment company JobStreet was also reportedly hit by the breach. Its leak contained almost 17 million rows of candidate information including their names, login details, hashed passwords, email address, nationalities, addresses and telephone numbers. Lowyat.net notes that the JobStreet breach may have happened between 2012 and 2013.
Personal data was also reportedly stolen from:
The personal data stolen from the various authorities above is thought to have included personal details, IC numbers, home addresses and mobile phone numbers. These sets of personal data is believed to have been taken between 2014 and 2015.
The massive spreadsheets of stolen data is incredibly unsettling. The large number of affected mobile phone operators and government departments may indicate a major flaw in cybersecurity and data protection protocols. The source of the breach has still not been confirmed.
The Malaysian Communications and Multimedia Commission is investigating what may be the biggest data breach in Malaysian history. Lowyat.net has said it will commit to removing and preventing all illegal sales made on its forums, though it notes that the same stolen data is probably being advertised across other channels. The website warns against the illegal sale of stolen data and warns that perpetrators can be punished by law.
With the nature of digital information, copies of the information may have already been sold on multiple times to companies who make direct marketing calls and emails. In the U.K., this is illegal unless the person or organisation who controls the data has first sought consent from recipients to allow them to make such calls and emails for marketing purposes.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020