data breaches Malaysia

(Source – KiplePay Malaysia)

Its just another day for data breaches in Malaysia

Data breaches are becoming increasingly common in Southeast Asia with Malaysia experiencing several major ones in recent times. In fact, Tech Wire Asia has reported numerous data breaches involving government agencies and the financial industry in the country in the past few weeks.

Data breaches not only involved companies in Malaysia as cybercriminals were even able to hack the Telegram and Signal account of the Prime Minister of Malaysia. In a statement, the Prime Minister’s office confirmed that the personal accounts had been hacked and abused by “irresponsible parties” to scam people.

As such, the government is aware of the increasing number of such breaches. But what’s being done to mitigate these breaches?

The central bank in Malaysia (Bank Negara Malaysia) for one has taken the matter seriously. During a recent breach involving a local payment gateway service provider, iPay88, Bank Negara Malaysia has instructed banks to immediately notify affected cardholders of additional protective measures that will be taken to further protect them against risks of fraudulent or unauthorized transactions. Banks have also heightened their fraud risk management and monitoring of suspicious or fraudulent activities for affected cards.

With investigations still ongoing on the iPay88 breach, Kiplepay, an e-wallet service provider and a wholly-owned subsidiary of Green Packet Berhad has now informed its Kiple Visa Prepaid Card users via email of risk through a recent third-party payment gateway provider data breach.

While it is unclear if both data breaches are related as the statement by Kiplepay does not mention it, its hard to deny that they are not related. As such, Kiplepay said it informed customers following the central bank’s request to notify affected cardholders of additional protective measures that are being taken to protect them against risks of fraudulent or unauthorized transactions that may arise from this incident.

“The data breach highlighted was a cybersecurity incident which has occurred to a third-party which may affect Kiplepay users who performed transactions using the third-party payment gateway system,” a statement by Kiplepay said.

Ricky Lew, Chief Executive Office of Kiplepay highlighted that the company takes a serious view on its security and compliance measures in line with the central bank’s policies, directives, and requisite security standards. He also reassured users, merchants, and business partners that their service integrity has not been compromised.

“We have also heightened our security and fraud monitoring measures to detect and prevent any suspicious transaction activities, and continue to safeguard Kiplepay users,” added Lew.

A few months earlier, Malaysia suffered an alleged data leak with the personal information of 22.5 million Malaysians making its way to the dark web. The data was reportedly stolen from the National Registration Department. Interestingly, the ministries involved stated that the leak was not a huge problem as the information leaked did not pose any potential threats.

A recent study by Surfshark also placed Malaysia as the eleventh most breached country in the second quarter of 2022. The study stated that 665,200 Malaysians have been breached from April to June 2022.

At the same time though, the director of the Personal Data Protection Department stated that there have been only 3,699 reports on personal data breaches in Malaysia since 2017, a figure which may would feel does not reflect the actual scale of the problem.