By HANI SHAMIRA SHAHRUDIN - November 16, 2017 @ 12:34pm

KUALA LUMPUR: The massive online breach of information on over 46 million mobile phone subscribers in Malaysia is believed to have occurred during a data transaction.

Inspector-General of Police (IGP) Tan Sri Mohamad Fuzi Harun said initial investigation has revealed that the breach could have occurred during a data transfer, when a number of crooked employees of a company were able to take advantage of the situation.

“We have some leads pertaining to the case and we have identified those involved.

“Further action will be taken (against the alleged culprits),” he said, adding that the company for which they worked is not involved in the crime.

When asked if the source of the breach has been identified, Fuzi said police are still investigating the matter.


“I cannot confirm the source of the leak, but we have leads on how it happened. (It was) not (the work of a) syndicate,” he said.

Fuzi said investigators are currently working with telco companies to pinpoint the source of the leak, but the motive has yet to be established.

https://www.nst.com.my/news/crime-courts/20...-identified-igp

This post has been edited by FatalExe: Nov 17 2017, 09:54 AM

If lyn dint post the news the first time, they gonna ignore it?

Beat him, hang him, burn his house bla bla

So, bila mau tangkap? Next Tuesday?

Just tangkap and show the world the face lah, no need to kuda "identified"

PDRM now like politician jor

Someone should initiate a class action lawsuit against the telcos... Can't just blame it on some rogue employees and call it a day

allready i take action and complain twice 2 pdpa department and mcmc........ no result..

Finally they said

"not commercial" in the e-mail with no letterhead..

WTF

Now, the pdpa department cannot run away since act 2010 but 2017 only one action to a company this march only with dungeon of report....

This post has been edited by alien3d: Nov 17 2017, 10:03 AM

more like plotek telco. how come it leak at the first place? are their policies that weak? we talking about data breach here

If this is in usa, sure kena sue by subscribers until pants drop.

jobstreet maybe the internal staff rogue after being buy out from australian company...
the staff may work with doc and some related friend with mcmc folks..

Just find the rogue staff after jobstreet buyout

Should initiate class action lawsuit. Our personal data leak is no joke. And involved millions of people

no need so extreme lah, just publish all his name, age, gender, address, and anything related to him in every newspapers, tv, radio, notice boards, every where.

we only have around 26mil population back in 2014...but over 40mil + phone line..

who have 2nd phone for mistress for stand up...

catching 1 person, not telco
padahal telco yang jual info

Quick, go to Bar Council and ask them to sue

seriously, looks like you did not read or don't use your brain.

But thats only 1 leak. What about the medical 1? Dont tell me telco also keep our medical records 😑

Based on our country's history, these are most likely scapegoats.

lemme ask u
is catching that culprit gonna resolve that problem from ever happening again?

telco playing victim card. "not our fault". lol. while secretly sells info to 3rd party.topkek.

thats right
its never 1 culprit, its the whole telco

What company would have all the major telcos' data?

A contractor for mcmc?

leaks that caused us receiving strangers calls?

I wish more people aware how seriously of the data leak which is going to stay on the internet forever...

This post has been edited by Kadaj: Nov 17 2017, 11:35 AM

had rm100+ worth of calls monthly attributed to me for a period of 6 months. insisted that i was the one who made it. even their own assigned investigator/wanker within the company assumed i'm trying no skip paying and spoke as such when he was supposedly reporting back to me with the results of the investigation.

so i bayar and left the network. it was maxis. plenty of shady employees within.

that is why i say more like plotek telco. but the question is, who has the ball to sue them? even the gov also plotek telco

I just give up, you can live on with your ignorant views.

The breach likely occurred within MCMC itself, or a related arm. Just read up Keith's post and you will understand. Who has a centralized database? Now tat's the right question to ask.

It would be a big slap to their face if it really came from mcmc. The gov arm thats suppose to be the 1 to ensure our data protection being the source of the leak is really ... i cant find the right word for it.

ok scapegoat identified. telcos gonna be free ? im not satisfied !!

so easy salahan employee tutup kes?

EVERYONE is selling EVERYONE info

wtf u guys children?

no voice from huge crowd?

no need to work on it then

46mil sue RM1 each person to the person that did it, can 14th floor straight away.

@fuyusakura.

If u read this article of course they said, caught culprit and they suspect it leak during database transfer. Telco whom this culprit work, did not involved at all.

but, fyi, this has happened long long way ago. Way b4 this article come out. U ask @Seven, after his posting goes viral, then MCMC and police want to investigate this matter. If general public complain, they all buat dek saja.

Ya, ur opinion is based on this article.I know and I had read this article. But pipu breach of privacy had occured for at least 10 years ago. And who is going to be responsible for that 🤔🤔🤔.

I think Malaysians are not very well versed with corporate responsibility.

Even if it's rogue employee doing the leaking, it's still an employee of the Telco. It doesn't matter if the company did not intend to leak it.

Whatever that happens under the company, the company is equally liable and responsible. If not, then no companies would be liable since they can just blame it on random scapegoats.

It isn't rocket science guys. Protek corporate interest is the dumbest thing a society can do.

When McDonald's employee in USA had the wrong water temperature set for their coffee machine and burned one of their customers, do you blame that employee or McDonald's? Ultimately McDonald's is the one to blame because of corporate responsibility, they did not provide adequate training, they did not set limiters for their coffee machines, it was McDonald's providing their service in their premises, employees are part of the corporation, etc.

Same logic for this case. Rogue employees still represent the company. There is no such thing as only blaming the employee and there is even less sense for PDPA commission and MCMC and police to protect corporate interest when they should protect consumer and public interest instead. Especially when it involves the data breach of the entire country.

This post has been edited by FatalExe: Nov 17 2017, 11:25 AM

Stigonboard says you are wrong...

Dont quote me when your earlier assumption is different from Fuyu

different? you got comprehension problem?

Telco yg jual maklumat lettew

here, the other way around. and we as Malaysian we also lack of knowledge. we can do so much more but instead we just ignore. the worse part is we dont even care (most). that is why no much noise make by malaysian. for example, i send an email to my office regarding this (since im the one responsible for most IT related things in my office) and no one even reply my email. no one respond to it or even ask me back. almost like no one give a F

black goat inkambing

tak ada report tak ada case , ada report baru ada case , police are not a god if no one report how they know got case happen.

normal patrol can arrest data breach case meh , increase men power can detect and prevent data breach happen ?

This post has been edited by bereev: Nov 17 2017, 12:07 PM

Yes. Maybe we should contact bar council to initiate class action lawsuit.

But dint mcmc ask lyn to remove the news?

I think they knew

how much families can get if willing to scarifies

If IGP is talking about the leak from telco (there are several leak sources actually!), and given it is highly suspicious that the souce comes from a centralized database (read: MCMC), then the "company" he mentioned should be an outsourcing company dealing with MCMC.

Typical you pay peanut you get monkey.

exactly.
like that scapegoat only.

the company shud be sued.

Hope PDRM not just catch the culprit but the buyer too.

You said earlier that:

- the leak is due to mcmc database being hacked
- someone in mcmc sold it to others

And i say NO to both of your assumption

And fuyusakura assumption is different set of argument already coz he or she never mention explicitly that the issue may happened due to database hacking or someone in MCMC selling it like what you did...

Fuyu theory more related to MCMC in the centre of this breach..but not wantonly and confidently say this is due to hacking or attempted selling

There is lot of causes and events that can fit the term 'security breach' and fuyu is smarter than you by using that term

If you cant understand you need to read more on the IT security concept esp CIA

This post has been edited by Stigonboard: Nov 17 2017, 12:31 PM

leak him instead.

I think if we look close enough, the culprits will not be inside the db.

then it's just semantics.

I used the exact wordings while fuyu just used generic term of 'security breach'.

ok I accept now that it may not exactly be 'hacking' or 'inside job'.

point is the source of the 'breach' is highly possible still MCMC or their 3rd party vendors/suppliers or anyone having access to their database.

don't tell me someone from or related to MCMC purposely or accidentally uploaded the raw data onto an unsecured cloud storage somewhere?

lulz...if telcos pay more attention in security, this would less likely to happen...

something not right....something fishy here

patutlah selalu dapat panggilan beli insuran,kerja mereka rupanya ingatkan syarikat telco yg bagi.

question

if my NRIC got registered to few other telco that I had never used...how ah?

go to their CS ask them to terminate account that wrongly linked to my NRIC ID?

hidup lanun /k!

So what are they gonna do ?

It's not 10 years ago. It's just the last couple years. Keith is a whistle-blower + trumpet blower. He reveals a bit too much of info. Go read the other thread's comments by se7en. Then you get the full picture.