%20(1).webp?w=1600&resize=1600,900&ssl=1)
A recent claim by the Indonesian hacker group INDOHAXSEC about accessing and selling sensitive data from Malaysia’s MyFex 2.0 database has sparked significant alarm.
The database, tied to the Malaysian Ministry of Development (KUSKOP), reportedly contains personal and business information of applicants, including names, MyKad numbers, birthdates, and contact details.
This revelation highlights growing cybersecurity vulnerabilities in government systems.
Details of the Alleged Breach
On a dark web forum, INDOHAXSEC advertised access to the MyFex 2.0 database for sale, showcasing its alleged contents as proof.
According to the post from ThreatMon, the leaked data reportedly includes sensitive personal and business information such as applicant names, identification card numbers (MyKad), nationality, phone numbers, email addresses, and consultant details.
This breach could expose affected individuals to identity theft, fraud, and other malicious activities.
The Malaysian Ministry of Development has not yet issued a public statement addressing the claims. However, cybersecurity experts warn that such breaches can have far-reaching implications for both citizens and businesses.
The incident also underscores the persistent threat posed by cybercriminal groups operating on dark web platforms.
Rising Cybersecurity Challenges in Malaysia
This alleged breach is not an isolated case in Malaysia.
In recent years, the country has experienced several high-profile data leaks. For instance:
- In 2021 and 2022, millions of Malaysians’ data were stolen from government databases and sold on dark web forums.
- In 2023, the Auditor-General reported over a million cyberattacks targeting the MySejahtera application.
These incidents reveal systemic weaknesses in Malaysia’s cybersecurity infrastructure and highlight gaps in the Personal Data Protection Act (PDPA) 2010.
Notably, the PDPA does not mandate breach notifications or apply to government agencies, leaving critical systems vulnerable.
Implications and Call for Action
The alleged MyFex 2.0 breach raises urgent questions about Malaysia’s ability to safeguard sensitive citizen data.
Cybersecurity experts are urging immediate reforms to the PDPA to include mandatory reporting requirements and stricter oversight of government systems.
Additionally, public awareness campaigns about protecting personal information are essential to mitigate potential fallout from such breaches.
Also Read:
%20(1).webp?w=1200&resize=1200,0&ssl=1&description=Reportedly%20contains%20personal%20and%20business%20information%20of%20applicants,%20including%20names,%20MyKad%20numbers,%20birthdates,%20and%20contact%20details.){kind=link}