Crime & Courts

[UPDATED] 400 million personal data records stolen and sold, five arrested

By Austin Camoens
October 17, 2024 @ 4:43pm

KUALA LUMPUR: The personal data of millions of Malaysians were believed to have been offered on the dark web by a locally-run syndicate.

A collaborative effort between the federal Commercial Crime Investigation Department, Cyber Security Malaysia and Personal Data Protection Commission led to the discovery of a website containing over 400 million pieces of personal data involving names, identification numbers, addresses, bank account numbers and telephone numbers.

Access to the portal was granted to those interested for between RM200 and RM800 monthly.

Willing buyers could also purchase the data for between RM1.50 and RM2 each.

Federal CCID director Datuk Seri Ramli Mohamed Yoosuf said they launched a series of raids within the Klang Valley beginning Sept 5 where they arrested five people, including two men believed to be the brains of the operation.

"Based on our checks one of the suspects, a Pakistani man who has been in Malaysia for over 10 years, was responsible for hacking into a number of databases together with a local man.

"The two are believed to have set up the portal in order to sell the personal data collected," he told reporters at CCID headquarters here.

Also present were Personal Data Protection Commissioner Professor Dr Mohd Nazri Kama and Cyber Security Malaysia chief technology officer Wan Roshaimi Wan Abdullah.

Ramli said the 47-year-old Pakistani man who was believed to be the mastermind of the syndicate has been charged under Section 130(4) of the Personal Data Protection Act 2010 for allegedly selling personal data.

"The four others, including three men believed to be illegal debt collectors, have since been released on bail.

"We believe these debt collectors had purchased personal data from the syndicate," he said, adding that they believe there are other syndicates who were also using data from the portal.

He said police were currently working towards identifying the other syndicates involved and bringing them to justice.

When asked if the hackers managed to break into databases belonging to government agencies, Ramli said it was under investigation but declined to elaborate.

"We are also working towards identifying the agencies where the data was stolen from, be it government or private companies.

"We want to sit down with them and discuss ways to increase their security measures to avoid such incidents from reoccuring," he said.

Most Popular
1
Corporate 10 hours ago
Bin Zayed International announces withdrawal from RM40b Langkasuka project
2
Crime & Courts 1 day ago
No use pretending as Immigration Dept well prepared before raiding Low Yat Plaza
3
Corporate 11 hours ago
Bin Zayed International  pledges US$2b investment in Malaysia over 5 years
4
Nation 13 hours ago
[UPDATED] MACC's probe on finances, assets of late Tun Daim and family continues
5
Groove 21 hours ago
#SHOWBIZ: Awie gets emotional visiting ailing Ebby Yus
Related Article
Nation
Gobind: Personal data breaches up 41pct this year
Columnists
Allow people to erase personal data from public digital record
Nation
[UPDATED] MACC arrests 'counter setting' syndicate mastermind
Nation
Personal data protection guidelines and standard to launch early 2025
Nation
[UPDATED] Data Sharing Bill to be tabled in December
Says Stories
Experience A Magical Glow-In-The-Dark Christmas With Fun Festive Activities At Gamuda Cove
Doktor Mengaku Tidak Bersalah Selepas Didakwa Rakam Punggung & Bahagian Badan Wanita
PMX Sokong ICC Keluar Waran Tangkap Pada Netanyahu & Gallant Atas Jenayah Perang Di Gaza
KL Cop Charged With Stealing Jewellery From 26-Year-Old Woman Who Died Of Heart Attack
PASTI Pecah Rekod Baharu! 121,180 Murid Daftar Sesi Hafazan Tertinggi Kategori Prasekolah
Get Mobile App