KUALA LUMPUR: Another data leak has reportedly occurred involving the personal details of 22 million Malaysians belonging to the National Registration Department (NRD).
The dataset has been allegedly put up for sale on the internet by an anonymous person.
The breach was highlighted by Lowyat.Net, which who came across the dataset sale for US$10,000 on a tech site last month.
The portal reported that the breach involved the data of Malaysians born between 1940 and 2004 and was 160 Gigabite in size.
Among the data it reported to have contained include a person's name, MyKad number, address, date of birth, gender, race, religion, mobile number and Base54 photo.
The seller, who claimed to have with him the data of 22 million Malaysians, also posted a screenshot of Home Minister Datuk Seri Hamzah Zainuddin's details as proof.
The data is claimed to have been harvested from the NRD.
The seller also mentioned in his offer that the source of the 160GB file is from the government-owned myIDENTITI API system, which is shared by several government agencies.
This is the second time that such sensitive personal information was publicly put on sale on the internet.
The first incident, in September last year, involved personal information of four million Malaysians.
The New Straits Times has contacted the police to verify information on the data leak but has yet to get an official response.
It was reported that Hamzah, when contacted, had denied that the breach of data occurred from NRD.
He was quoted as saying that NRD had a mechanism to track the movement of the data and no breach was found.