Over 800,000 Malaysians' personal data with photos, allegedly stolen from MySPR site, being sold for about RM9,000


The MySPR Daftar website, launched back in 2019, allowed Malaysians to register as voters online. — KAMARUL ARIFFIN/The Star

PETALING JAYA: The personal data of over 800,000 Malaysians, allegedly syphoned from the MySPR Daftar website, is being sold on an online forum for US$2,000 (RM9,240), to be paid in bitcoin or monero cryptocurrency.

The seller claimed that the database contains the info of 802,259 users, including selfies and MyKad photos that were provided for online voting registration on the MySPR Daftar website through the electronic Know Your Customer (eKYC) system.

The database is alleged to contain over 1.6 million photos, with a file size of 67GB.

According to the uploader, the database also contains the full names, MyKad numbers, email addresses, hashed passwords, phone numbers, birth dates and addresses of voters.

Though the post was first made back on April 11, its existence was highlighted by Twitter user @acaiijawe on Wednesday (Nov 9).

In another post, the uploader is selling the personal data belonging to 22.5 million Malaysians born between 1940 and 2004, allegedly obtained from the My Identity API.

As of the time of reporting, both threads made by the uploader are still up on the forum.

The MySPR Daftar website, launched back in 2019, allowed Malaysians to register as voters online, though with the shift to automatic registration this year, the MySPR system now only functions for changing voting addresses and the application for postal voting for those overseas and other eligible individuals.

The Department of Personal Data Protection declined to comment, saying that the Personal Data Protection Act 2010 (Act 709) doesn't apply to state and federal government bodies, and that the Act served to regulate the processing of personal information in commercial transactions.

CyberSecurity Malaysia (CSM) said it’s still waiting for a response from its tech team, while the Malaysian Communications and Multimedia Commission (MCMC) has yet to respond.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!
   

Next In Tech News

Court says EU must pay a fraction of legal fees sought by Qualcomm
X, ByteDance, Booking.com could face tough EU rules
What are the credible alternatives to ChatGPT?
This AI tool is capable of generating a video game from a simple image
Surge in Wendy’s complaints exposes limits to consumer tolerance of unstable prices
This smart glove can teach you to master new skills
Super Micro surges as AI server maker set to join S&P 500
Nvidia CEO says AI could pass human tests in five years
US judge says Google must face some advertisers' antitrust claims, dismisses others
WTO e-commerce tariff moratorium wins temporary reprieve

Others Also Read