The National Registration Department (JPN) has denied any leakage of MyKad data through its system or database. In a recent Facebook post, it noted that its investigation found no evidence of a data leak or suspicious activity within its system.
JPN also stressed that such incidents have never occurred before, assuring the public that the security and integrity of Malaysian data under its custody is guaranteed and secure. The department revealed that it had contacted the National Cyber Security Agency (NACSA) and the Royal Malaysian Police (PDRM) to facilitate investigations at their respective levels.
The same post also highlighted statements from the Minister of Home Affairs, the Director General of Nacsa, and the Deputy Director (Investigation) of PDRM’s Commercial Crime Investigation Department. All of which affirmed that no breach occurred within JPN’s database.
In case you missed our earlier report, dark web threat intelligence firm StealthMole on 3 December 2024 claimed that threat actors were offering MyKad data of 17 million Malaysians for sale on the dark web. Rather than a database of information, the alleged samples consisted of photos of Malaysian ID cards, suggesting that the data may have been stolen from eKYC (Electronic Know Your Customer) systems used by shopping and services platforms, banks, and other institutions.
Additionally, Nacsa has determined that the alleged leak of MyKad data does not pertain to a recent breach. According to Director-General Ir Dr Megat Zuhairy Megat Tajuddin, analysis by the National Cyber Coordination and Command Centre (NC4) revealed that the samples in question date back to breaches between 2015 and 2017, and have been circulating online without credible links to current incidents.
(Source: JPN, via Facebook / Berita Harian)
Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news.
