Hacker alleges to have stolen Telekom Malaysia’s customer database with ‘nearly 20 million effective user data’ (Updated with TM’s statement)


Telekom Malaysia’s headquarters and campus in Cyberjaya. Previously, the company disclosed that it suffered a data breach affecting a select number of customers back in July 2023. — AZHAR MAHFOF/The Star

Update: TM released a statement claiming that it had received a ransom note recently, which had prompted “an immediate and thorough investigation to verify these claims”.

It claims that its investigation has shown “that the alleged materials is pre-processed, recycled and dated”.

“Nonetheless, we are treating the situation with the utmost seriousness and are dedicated to resolving this issue with high urgency,” it said.

It also said that it has engaged the relevant authorities, lodged a police report, and is continuously fortifying its cyber defences and bolstering its resilience against such threats.

PETALING JAYA: A user on a notorious forum known for trading information obtained from data breaches alleged that he has stolen the complete customer database of Telekom Malaysia.

The user posted on Jan 24 claiming that the data contains nearly 200 million entries, with “nearly 20 million effective user data”.

Additionally, the user provided screenshots purporting to be the company’s customer database architecture documentation, with 161 pages outlining the structure, design, and functionality of the company’s customer database system.

Samples of alleged customer data obtained from the breach – which include details such as name, MyKad numbers, address, phone number, salary range, work, religious beliefs, and marital status – were also shared.

The user is offering to sell the data to Telekom Malaysia first, claiming that it won’t be sold to others after that.

LifestyleTech has reached out to TM for comments.

Previously, the company disclosed that it suffered a data breach affecting a select number of customers back in July 2023.

It said Unifi customers’ personal information – including names, MyKad/passport numbers, and contact details – was leaked in the data breach, but no financial information was impacted.

In December 2022, the company confirmed that a data breach affected 250,248 Unifi Mobile customers.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Tech News

Costa Rica government's Youtube account suffers cyber attack
Exclusive-Former Cruise CEO Vogt's robotics startup valued at $2 billion in new funding, sources say
US SEC holds crypto task force roundtable as Trump plans regulatory revamp
Cryptocurrency firm founder pleads guilty in US to market manipulation scheme
Yahoo strikes deal to sell TechCrunch to investment firm
US scraps sanctions on Tornado Cash, crypto ‘mixer’ accused of laundering North Korea money
Chipmaker Micron's shares slump as tepid margin forecast eclipses AI prospects
Tether is in talks with 'Big Four' firm about reserve audit, CEO says
UAE commits to $1.4 trillion US investment, White House says
Indian IT earnings likely to stutter in fiscal 2026 on US spending woes, analysts say

Others Also Read