[UPDATE: 5 February 2024 – 8:00pm] R00TK1T, via Telegram, is now threatening to shut down Maxis’ systems and expose its data every two hours if no official statement regarding the breach is released. As with its last update, the group attached an image to the post, this time an alleged screenshot of the telco’s employee dashboard. As of writing, Maxis has yet to respond to this latest threat.
[UPDATE: 5 February 2024 – 6:14pm] R00TK1T has taken to Telegram, demanding that the telco “issue a public statement immediately, providing accurate and transparent information about the current situation.” Included with its latest post on the messaging platform is a new screenshot, allegedly depicting what appears to be a crucial part of the service provider’s backend system.
We’ve already reached out to Maxis for comment, and will keep you posted should there be any new developments.
[Original Story: 5 February 2024 – 3:27pm]
Maxis has issued a response regarding the alleged R00TK1T attack, which we reported earlier today. In its official statement, the telco says it immediately launched an investigation to determine the validity of the supposed breach, but did not identify anything related to its own systems.
However, Maxis noted that it did discover a suspected incident involving unauthorised access to one of its third-party vendor systems that resides outside of its internal network environment. In light of this, it is currently working with the vendor, which it did not specifically identify, to investigate further. Additionally, the telco says it has informed relevant authorities regarding the situation.
“Our customers’ privacy and security are of the utmost importance to us, and our ongoing priority is a thorough assessment and containment,” Maxis said in the statement. “Additional defence measures are also being put in place to enhance the robustness of our systems with a view to reducing further risk.”
In case you missed it, hacker group R00TK1T claimed earlier today that it had gained access to Maxis’ backend system. It is also threatening to release customer data acquired from the alleged attack, as well as to expose the vulnerabilities of the telco’s security systems.
Maxis is R00TK1T’s latest victim since it first threatened to attack Malaysia’s digital infrastructure last week, alongside local comms provider Aminia and online course provider Yoututor. The telco says it will continue to provide necessary updates on developments regarding the matter.
(Source: Maxis press statement)