CYBERJAYA: The Malaysian Communications and Multimedia Commission is going “full throttle” in aiding police investigations into a report from Lowyat.net of a possible leak involving 46.2 million mobile phone numbers and three databases.
Its chief operating officer, Dr Mazlan Ismail, said the commission had received the report from LowYat.net on Oct 18 and immediate action had been taken, including lodging a police report and meeting cellular service providers.
“We had our first meeting on the matter with the telco operators the next day itself, on Oct 19, and the recent one was last week,” he told reporters after the Star Rating Award 2016 ceremony.
Based on these meetings, said Mazlan, the consensus of the telco providers on the matter included that they wanted police to complete their investigations and agreed not to make any comment while the probe was ongoing.
“MCMC is working closely with police and it is crucial at this juncture to refrain from making any speculation or conclusion as it can affect the ongoing probe.”
Mazlan said the communications and multimedia minister and his deputy were constantly being briefed on the matter.
To a question, he said security aspects were always at the core of the communications and multimedia industry.
Mazlan said efforts to beef up on security aspects in the industry were consistent, adding that it was one of the foundations of the providers’ services.
Under the general Consumer Code of Practice for the Communications and Multimedia Industry, he said, the operators were responsible to protect their clients’ personal data.
Lowyat.net had reported that about 46.2 million mobile phone numbers registered with Malaysian telecommunications and mobile virtual network operators had been compromised and leaked online.
According to the report, the leak included postpaid and prepaid numbers, customer addresses as well as SIM card details from all major operators, including DiGi, Celcom, Maxis, Tunetalk, Redtone and Altel.
The technology news site said the time stamps on the files it downloaded indicate the leaked data was last updated between May and July 2014.
All details regarding the data that were uncovered, as well as how it managed to obtain all the data, had been shared with MCMC.
Lowyat.net said it also confirmed that a total of three databases belonging to the Malaysian Medical Council, Malaysian Medical Association and Malaysian Dental Association (MDA) had also been leaked.
These medical databases include personal information, MyKad details, phone numbers, as well as work and residential addresses.
On Oct 19, Lowyat.net reported that the personal data of millions of Malaysia were up for sale and that the source of breach was still unknown.