Hackers Behind the October Data Breach Exposing Data on Darknet Identified by Malaysia Police
In October 2017, a data breach hit Malaysia that went down in history as one of the worst ever recorded in the country. Over 46 million mobile phone subscribers were affected, and their data was later put up for sale on the Darknet.
The Malaysian police have identified the brains behind that incident after a thorough investigation. On Thursday, they officially announced that they had identified several suspects linked to the data breach.
They recently assured the general public that the investigation began right after the attack, and it has been fast and effective so far.
In a press conference, Tan Sri Mohamad Fuzi Harun, Inspector-General of Police, told reporters that the suspects would soon be arrested. He declined to name the suspects but offered a hint: the data breach was caused by a company, which he also declined to name. The investigation is believed to be still ongoing, which makes it inadvisable to reveal the identities of the suspects.
The data breach was huge, but there has not been any official explanation of how it occurred. At the Thursday press conference, the police did not explain it, telling reporters that they know how it happened but cannot confirm anything. “I cannot confirm the source of the leak, but we have leads on how it happened. (It was) not (the work of a) syndicate,” said the police.
Authorities also did not reveal the number of suspects identified so far during the press conference, though the police said that they have identified the people involved. “We have some leads pertaining to the case and we have identified those involved. Further action will be taken.”
News of the data breach circulated widely. The victims reported several post-incident cases, all of which came down to their personal information being used for something illegal. Some of the victims reported receiving notifications indicating that they had been registered for new phone numbers without their knowledge.
The breached data included user names, prepaid and postpaid phone numbers, addresses, customer details and SIM card data.
The hackers managed to obtain private information from at least 12 mobile operators in Malaysia, namely DiGi, Altel, Celcom, Enabling Asia, Friendimobile, MerchantTradeAsia, PLDT, RedTone, TuneTalk, Umobile, and XOX. The breached data was sold on the Darknet. They also breached data belonging to the Malaysian Medical Council, Malaysian Medical Association, Academy of Medicine Malaysia, Malaysian Housing Loan Applications, Malaysian Dental Association, and National Specialist Register of Malaysia. In total, there were over 80,000 individual victims of the breach. Hackers usually target such institutions. It was recently reported that Dutch hospitals report data breaches almost every day.
An early report after the breach warned the companies to be alert: “We are urging the telecom and MVNO companies mentioned above to alert, and start immediately replacing the SIM cards, of all affected customers, especially those who have not updated their SIM cards since 2014.”
The breach is a strong indication of loopholes within the security systems of the telecommunication companies. Malaysian law ensures that telecommunication companies provide security for their customers’ personal data. Customers, therefore, have legal grounds to sue the companies. The police involved the telecom companies in the investigation, and their cooperation may still be needed since the investigation is ongoing.
The chief operating officer of the MCMC, Dr. Mazlan Ismail, explained the involvement of the various mobile operators in the investigation. “This is to ensure that they understand what is happening now, especially when the police, through the Commercial Crime Investigation Department, visit them to investigate,” said Dr. Ismail.
He also talked about how important security is, and urged them to work together to ensure safety for the sake of customers’ trust. “Communications services cannot escape the security aspects, [service providers] must work together, and safety features are important to gain the trust of consumers,” he added.
According to reports, jobstreet.com was also caught up in the data breach. Personal information from accounts created before 2012 was exposed on the Darknet.
Data breaches have become a global problem, and countries all over the world are developing strategies to bring them under control. Australia recently experienced the largest data breach in its history. Companies and individuals are therefore adopting proactive measures to ensure that they will not be a “sitting duck” for cyber attacks.