KUALA LUMPUR: All leads will be looked into the alleged data leak and sale of personal data from the National Registration Department (NRD), say police.
“We received a report yesterday by the NRD deputy director in Putrajaya. Our first action is to stop the sale,” said Bukit Aman Commercial Crime Investigation Department (CCID) director Comm Datuk Mohd Kamarudin Md Din.
“From there, we will have to work to identify where the leak is. We will also compare the data leaked to our own database to verify if the information is legitimate,” he said at a press conference at the Jinjang police station on Tuesday (Sept 28).
He added that as of now, “everybody is a suspect” and that the police did not deny the possibility of an inside job.
Previously, a social media user raised the alarm on a database being sold online that purportedly contains the personal data of four million Malaysians.
The database, according to a tweet by Adnan Mohd Shukor, is claimed to contain details such as names, emails, mobile numbers and addresses, and is grouped by birth year from 1979 to 1998.
The data is claimed to be harvested from the NRD through the myIDENTITY API.
Adnan, an intrusion analyst, also tweeted that the 31.8GB file is being offered for sale for 0.2 BTC (RM35,350).