KUALA LUMPUR (Reuters) – Malaysia is investigating an alleged attempt to sell the data of more than 46 million mobile phone subscribers online after a major data breach, Communications and Multimedia Minister Salleh Said Keruak said on Wednesday.
The massive data breach was first reported last month by Lowyat.net, a local technology news website, which said it had received a tip-off that someone was trying to sell huge databases of personal information on its forums.
Salleh said the country’s internet regulator, the Malaysian Communications and Multimedia Commission (MCMC), was looking into the matter with the police.
“We have identified several potential sources of the leak and we should be able to complete the probe soon,” Salleh told reporters at parliament.
The leaked data was being sold for an undisclosed amount of Bitcoin, a digital currency, Lowyat.net said on Monday.
It included lists of mobile phone numbers, identification card numbers, home addresses, and SIM card data of 46.2 million customers from at least 12 Malaysian mobile phone operators.
Malaysia’s population is just around 32 million, but many have several mobile numbers. The lists are also believed to include inactive numbers and temporary ones bought by visiting foreigners, local daily The Star reported.
MCMC’s chief operating officer Mazlan Ismail said on Tuesday the regulator had met with local telecommunications companies to seek their cooperation in the probe, according to state news agency Bernama.
The data also includes private information of more than 80,000 individuals leaked from the records of the Malaysian Medical Council, the Malaysian Medical Association, and the Malaysian Dental Association, Lowyat.net said.