Data breaches are an all-too-frequent reality in the world of cybersecurity. The end result of such breaches is cybercriminals gaining access to the most sensitive information, such as financial data, from unsuspecting victims. The data is usually obtained post-breach on the Dark Web, a fact that should be unsurprising to anyone acquainted with cybercrime. In the case of a recent massive Malaysian data breach, police appear to have made a break in the case. The data breach in question affected 46.2 million Malaysians who were alerted to their data being sold in October on the Dark Web. The incident, according to a report by Catalin Cimpanu of Bleeping Computer, was first brought to the attention of the authorities via an anonymous tip. The tip, which was disclosed on the Malaysian technology website Lowyat.net, gave extensive information on what would soon be understood as arguably the largest data breach in the country’s history.
According to Lowyat.net, the data came from a vast number of sources. As the linked article states:
What is up for sale — for an undisclosed amount in bitcoin is millions of personal data of Malaysians belonging to Jobstreet.com, the Malaysian Medical Council, the Malaysian Medical Association, Academy of Medicine Malaysia, the Malaysian Housing Loan Applications, the Malaysian Dental Association and the National Specialist Register of Malaysia. .
The website went on to report that the motherlode of customer data came from “a huge list of Malaysian telcos including Altel, Celcom, DiGi, Enabling Asia, Friendimobile, Maxis, MerchantTradeAsia, PLDT, RedTone, TuneTalk, Umobile, and XOX.”
As was alluded to earlier in this article, there has been movement in the investigation into who was behind this massive attack. As Catalin Cimpanu in his report indicates, Malaysian authorities have zeroed in on the likely culprits. In a statement by Malaysia’s Inspector-General of Police, Tan Sri Mohamad Fuzi Harun, the breach appears to have originated with employees of one of the companies that a great deal of the data was transferred from. This breaks with early hypotheses that criminal syndicates or the compromised companies themselves were the cause of the Malaysian data breach.
This investigation is obviously still ongoing, but the sooner the source of the breach is found, the better that cybersecurity professionals responding to the incident can prevent something like this in the future.
Photo credit: Pixabay