Aminia confirms breach of externally hosted services, claims no sensitive data leaked

By Christopher Fam

On Jan 30, the R00tk1t hacker group claimed responsibility for a cyberattack on Aminia. — 123rf.com

PETALING JAYA: Telecommunications service provider Aminia has confirmed that its externally hosted services have been breached following claims made by notorious hacker group R00tk1t.

In a statement to LifestyleTech, an Aminia spokesperson said that despite the attack, it has had no impact on its ongoing customer operations, and no sensitive customer data was leaked.

It said that as an external service provider, it doesn’t store customers’ Personal Identification Information (PII).

The company also claimed that the Aminia-branded routers currently deployed by its telco customers are not affected, as “these are not connected to any of (the) Aminia external servers or services”.

The Aminia spokesperson further added that the company had already lodged a report with the authorities and briefed its telco customers on the incident.

The R00tk1t hacker group had originally claimed responsibility for a cyberattack on the company on Jan 30, alleging that it had successfully breached Aminia via its Telegram group.

On Monday (Feb 5), R00tk1t claimed to have breached Maxis, though the telco said it had not found any intrusions into its internal systems.

It did, however, discover a suspected incident of unauthorised access to a system belonging to a third-party vendor, which it didn’t name.

R00tk1t had warned that it would be targeting Malaysian digital infrastructure on Jan 26.

In response to the warning, the National Cyber Coordination and Command Centre (NC4) published an advisory on its website, alerting local organisations to be vigilant in regard to the threat actor targeting the country's infrastructure on Jan 28.

"Considering the potential duration of this campaign, which could span several weeks, NC4 strongly advises all Malaysian organisations to implement essential preventive measures in order to safeguard against this attack.

"Failure to do so could result in operational disruptions and compromise the security of the organisation's infrastructure, data, and systems," it wrote in the advisory.

The NC4 also states that the hacker group had previously targeted various sectors in other countries by exploiting known vulnerabilities and utilising insiders.

A similar advisory from MyCert was also published today (Feb 6) on its website.

×

Related stories:

Maxis says its system is unaffected after R00tk1t hacker group threatens to expose ‘treasure trove of customer data’

New year, familiar threats: Cybersecurity experts warn of the threats to come for 2024

Study: Malaysia most hit by disruptive cyberattacks in Asean last year

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

   

Report it to us.

Next In Tech News
Instagrammers, avoid making overly long Reels
El Salvador mined nearly 474 bitcoins, adding to state crypto holding, in last three years
OpenAI co-founder Ilya Sutskever to exit
Elon Musk ordered to testify again in US SEC probe of Twitter takeover
Comcast to unveil Netflix, Apple TV+, Peacock streaming bundle
TikTok creators file suit to block US divestment or ban law
Google launches Trillium chip, improving AI data center performance fivefold
Meta to shut Workplace app to focus on AI, metaverse
Elon Musk's xAI nears $10 billion deal to rent Oracle's AI servers, The Information reports
Amazon's cloud unit chief to step down after three years

Trending in Tech

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.