Payment gateway provider iPay88 says ‘cybersecurity incident’ may have compromised users’ card data

iPay88 claimed that the containment process was successful, with no further suspicious activity detected since July 20. — Image by Darwin Laganzon from Pixabay

PETALING JAYA: Payment gateway provider iPay88 revealed in a statement that it suffered a "cybersecurity incident" that may have compromised customers' card data.

The company provides payment processing services to a host of businesses, including ecommerce platform Shopee and Apple authorised reseller Machines.

ALSO READ: Malaysians’ personal data allegedly being sold openly on the Internet (Update: Site is down)

Payment cards from most major banks and ewallet services in the country are accepted by the gateway, making the incident especially concerning.

While it is unclear when the incident occurred, iPay88 said that the leak was detected on May 31.

ALSO READ: Data of Malaysians born between 1940 and 2004 allegedly being sold for over RM40,000

"Upon discovery of the issue, we immediately initiated an investigation on May 31 and brought in cybersecurity experts to contain the issue," the company stated.

It claimed that the containment process was successful, with no further suspicious activity detected since July 20.

ALSO READ: Netizens express concern over online sales of Malaysian phone numbers

"To ensure the continued safety of the card data, we have implemented various new measures and controls to strengthen the system’s security against any further incidents," iPay88 posted on its website.

It also said that an investigation into the incident is still going on and that more information will be shared later.

ALSO READ: Database containing personal info of four million Malaysians allegedly being sold online

"All financial institution partners have been informed and kept up to date.

"We will continue to monitor the situation closely and ensure the safety of the cardholder data," it said.

Lembah Pantai MP Fahmi Fadzil criticised the company on Twitter, saying that iPay88 didn't act quickly enough to warn customers even though the incident happened more than two months ago.

He said the Personal Data Protection Act 2010 has to be amended, adding, "Too many data leaks. Too little data protection."

Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!

Next In Tech News

Nigeria regulator says local Binance operations 'illegal'
More ‘charismatic’ AI can abuse trust but also help creativity
Opportunity or risk as sport races ahead with AI?
How to keep your data safe despite web browser security flaws
Meet the young Malaysian who’s built up a profitable empire on YouTube
Twitter to pay verified creators for ads in replies, Musk says
Tesla jumps as GM deal makes its charging network closer to US standard
The modern classics: Gaming consoles with retro charm
Exclusive-Russia's VTB may pull out of running for Yandex stake - CEO Kostin
Giving durability its due: How Zelda’s breakable weapons improve gameplay in Tears Of The Kingdom

Others Also Read