The personal data up for sale in the Dark Web included postpaid and prepaid phone numbers, users’ names, customer detail, SIM card data, and addresses.
Many countries have been hit this year with incredible data breaches, this time Malaysia was struck by a massive data breach containing data from over 46 million phone number subscribers. According to the hacker who put the records for sale on the dark web, the information comes from network operators and Malaysian telecoms. The data included personal data such as phone number, addresses, SIM card data, users’ name and customer details.
A small part of 80,000 records was said to belong to the Malaysian Dental Association (MDA), Malaysian Medical Council (MMC) and the Malaysian Medical Association (MMA), according to users on the dark web.
Data from major local operators was compromised, these companies included Celcom, Maxis, DiGi, RedTone, TuneTalk, and Altel. Lowyat.net, a Malaysian online news site was the first to discover the massive data breach, and according to their investigations, the data breach occurred in 2014. Another important news site IBTimes UK has not verified the validity of the data up for sale on the dark web, neither the hacker’s statements of 46 million records.
News site ‘The Star’ had the chance to have an interview with Lowyat.net founder Vijandren Ramadass, who said he gave all the stolen data received from the hacker to the MCMC (Malaysian Communications and Multimedia Commision). Reports from the news site Lowyat state that before the discovery of the data breach, it had probably already been in circulation and traded in Dark web marketplaces.
Although information is already in circulation and authorities are beginning investigations, it remains a mystery how such a massive batch of information was compromised, and what’s more, put up for sale on dark web marketplaces. There also aren’t any reports over how much the hacker is charging in exchange for the records.
As a conclusion, the total amount of records stolen by the hacker is approximately 46 million, however, Malaysia has a population of only 32 million. This suggests strangers and tourists’ information may also be in danger.