GEORGE TOWN: The Penang government's official website has been hacked, with personal information details of more than 600,000 people compromised.
The leaked data had allegedly been uploaded to the "BreachForums" forum site by a user nicknamed "LeakBase"' on Jan 18.
The post stated that the data was available for download. The post, which was initially shared on Twitter by @FalconFeedsio, stated that LeakBase claimed the data included usernames, passwords, full names, email addresses, and security-related keys, such as one-time passwords.
The one-stop government portal (www.penang.gov.my) offers more than 30 e-services for the public, elected representatives and state executive council members.
The FMT quoted Penang exco member Zairil Khir Johari as saying that the leaked data was from an old database.
He reportedly said the state government still considered the breach serious and would take action to address it.
"Based on reports by our IT department under the State Secretary's Office, the data appears to be outdated. However, we are, of course, concerned that a breach has occurred, and we will instruct them to do a vulnerability assessment and take action."
Zairil said those affected were mostly civil servants and information like their names, email addresses, contact details and identity card numbers may be compromised.
"We are already in communication with the relevant ministry and the CyberSecurity Malaysia to order a thorough investigation into the data leak," he said.
The last time a data leak occurred was in December, involving 13 million users data from Maybank, Astro and Election Commission.