Malaysia data breach: Probe takes in Netherlands, HK

KUALA LUMPUR • The Malaysian authorities probing a huge online data breach involving 46 million cellphone users have widened their search to the Netherlands and Hong Kong, the national police chief said yesterday.

"There were supposedly three e-mails used to spread the information, each using an IP (Internet protocol) address from Oman, Netherlands, and Hong Kong.

"We are trying to identify the owner of these accounts and this represents our current challenge in conducting investigations," said Tan Sri Mohd Fuzi Harun at an event yesterday, reported the Malay Mail Online.

Police last month revealed that the leak was traced to an IP address in Oman.

They are investigating the data breach together with the Malaysian Communications and Multimedia Commission.

Mr Mohd Fuzi added that it was not yet necessary to seek the assistance of other countries.

He also said it was still unknown if an individual or a syndicate was responsible for the incident.

News of the data breach first surfaced on Lowyat.net in October, when the technology news site reported that some 46.2 million cellular service accounts of Malaysian telcos and mobile virtual network operators had been compromised and leaked online.

The site said the leak, believed to have taken place between 2014 and 2015, included post-paid and pre-paid numbers, customer addresses as well as SIM card details from major telcos in the country including DiGi, Celcom, Maxis, Tunetalk, Redtone and Altel.

No arrests have been made so far in the case.

A version of this article appeared in the print edition of The Straits Times on December 04, 2017, with the headline 'Malaysia data breach: Probe takes in Netherlands, HK'. Print Edition | Subscribe