Payment gateway provider iPay88 says ‘cybersecurity incident’ may have compromised users’ card data

iPay88 claimed that the containment process was successful, with no further suspicious activity detected since July 20. — Image by Darwin Laganzon from Pixabay

PETALING JAYA: Payment gateway provider iPay88 revealed in a statement that it suffered a "cybersecurity incident" that may have compromised customers' card data.

The company provides payment processing services to a host of businesses, including ecommerce platform Shopee and Apple authorised reseller Machines.

ALSO READ: Malaysians’ personal data allegedly being sold openly on the Internet (Update: Site is down)

Payment cards from most major banks and ewallet services in the country are accepted by the gateway, making the incident especially concerning.

While it is unclear when the incident occurred, iPay88 said that the leak was detected on May 31.

ALSO READ: Data of Malaysians born between 1940 and 2004 allegedly being sold for over RM40,000

"Upon discovery of the issue, we immediately initiated an investigation on May 31 and brought in cybersecurity experts to contain the issue," the company stated.

It claimed that the containment process was successful, with no further suspicious activity detected since July 20.

ALSO READ: Netizens express concern over online sales of Malaysian phone numbers

"To ensure the continued safety of the card data, we have implemented various new measures and controls to strengthen the system’s security against any further incidents," iPay88 posted on its website.

It also said that an investigation into the incident is still going on and that more information will be shared later.

ALSO READ: Database containing personal info of four million Malaysians allegedly being sold online

"All financial institution partners have been informed and kept up to date.

"We will continue to monitor the situation closely and ensure the safety of the cardholder data," it said.

Lembah Pantai MP Fahmi Fadzil criticised the company on Twitter, saying that iPay88 didn't act quickly enough to warn customers even though the incident happened more than two months ago.

He said the Personal Data Protection Act 2010 has to be amended, adding, "Too many data leaks. Too little data protection."

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Tech News

TikTok artists and advertisers to stay with app until 'door slams shut'
TikTok to suspend TikTok Lite's reward programme amid EU concerns
ASML approves Christophe Fouquet as CEO at annual meeting
AT&T beats estimates for subscriber additions, free cash flow
Exclusive-Google rival Tuta complains to EU tech regulators about de-ranking
Microsoft's AI lead puts Amazon cloud dominance on watch
TE Connectivity beats quarterly profit estimates on sensor demand
UK watchdog seeks views on Microsoft's and Amazon's AI partnerships
Texas Instruments' upbeat Q2 forecast pushes chip stocks higher
Italy fines Amazon over ‘recurring’ purchase option

Others Also Read