Crime & Courts

[UPDATED] 400 million personal data records stolen and sold, five arrested

By Austin Camoens
October 17, 2024 @ 4:43pm

KUALA LUMPUR: The personal data of millions of Malaysians were believed to have been offered on the dark web by a locally-run syndicate.

A collaborative effort between the federal Commercial Crime Investigation Department, Cyber Security Malaysia and Personal Data Protection Commission led to the discovery of a website containing over 400 million pieces of personal data involving names, identification numbers, addresses, bank account numbers and telephone numbers.

Access to the portal was granted to those interested for between RM200 and RM800 monthly.

Willing buyers could also purchase the data for between RM1.50 and RM2 each.

Federal CCID director Datuk Seri Ramli Mohamed Yoosuf said they launched a series of raids within the Klang Valley beginning Sept 5 where they arrested five people, including two men believed to be the brains of the operation.

"Based on our checks one of the suspects, a Pakistani man who has been in Malaysia for over 10 years, was responsible for hacking into a number of databases together with a local man.

"The two are believed to have set up the portal in order to sell the personal data collected," he told reporters at CCID headquarters here.

Also present were Personal Data Protection Commissioner Professor Dr Mohd Nazri Kama and Cyber Security Malaysia chief technology officer Wan Roshaimi Wan Abdullah.

Ramli said the 47-year-old Pakistani man who was believed to be the mastermind of the syndicate has been charged under Section 130(4) of the Personal Data Protection Act 2010 for allegedly selling personal data.

"The four others, including three men believed to be illegal debt collectors, have since been released on bail.

"We believe these debt collectors had purchased personal data from the syndicate," he said, adding that they believe there are other syndicates who were also using data from the portal.

He said police were currently working towards identifying the other syndicates involved and bringing them to justice.

When asked if the hackers managed to break into databases belonging to government agencies, Ramli said it was under investigation but declined to elaborate.

"We are also working towards identifying the agencies where the data was stolen from, be it government or private companies.

"We want to sit down with them and discuss ways to increase their security measures to avoid such incidents from reoccuring," he said.

Most Popular
1
Nation 23 hours ago
'We are truly sorry' - Vivy Yusof and husband [WATCH]
2
Groove 1 day ago
#SHOWBIZ: I was 'too pretty' for a Malaysian film, says Fan Bingbing
3
Crime & Courts 9 hours ago
Teen who attacked students with hammers in UK is Malaysian [WATCH]
4
Nation 19 hours ago
FV debacle: PNB regrets loss incurred
5
World 1 day ago
Singapore court bars sister from entering brother's room
Related Article
Nation
Gobind: Personal data breaches up 41pct this year
Columnists
Allow people to erase personal data from public digital record
Nation
[UPDATED] MACC arrests 'counter setting' syndicate mastermind
Nation
[UPDATED] Data Sharing Bill to be tabled in December
Nation
No personal data stored in MyDigital ID
Says Stories
Sesi Uji Bakat 'One In A Million' Di Karnival Jom Heboh Johor Bermula Hari Ini & Esok
BABA'S Kembali Sebagai Penaja Utama Karnival Jom Heboh BABA'S Di Johor Hujung Minggu Ini!
"Anything For Family" – Vin Diesel Lookalike Making Kunafa At Ramadan Bazaar Goes Viral
Dapatkan Nasi Kari Ayam Percuma Dari Kenduri Raya BABA'S Di KJH Putrajaya 3 Mei Ini!
Which Is The Luckiest Animal In 2025? Here Are The Predictions For The Year Of The Snake
Get Mobile App