Now Reading
PDRM is investigating JPN data leak via LHDN’s myIDENTITY API

PDRM is investigating JPN data leak via LHDN’s myIDENTITY API

by Vyncent ChanSeptember 29, 2021
What's your reaction?
Me Gusta
Sad Reacc

There’s apparently a leaked National Registration Department (JPN) database obtained via the Inland Revenue Board (LHDN), and now the Royal Malaysian Police (PDRM) are on it. The database reportedly contains data on 4 million Malaysians, and it was being sold for 0.2BTC, or approximately RM35 419.

LHDN has denied that the leak happened via the myIDENTITY API that’s available on their website, which the seller claimed was the way he got the leaked data. The API lets government agencies access everyone’s personal data from a centralized repository, and among the agencies with access include JPN and LHDN. The database leaked reportedly contains details like name, email, mobile number, address, gender, IC number, race and religion, coming up to a total of 31.8GB.

PDRM JPN database leak LHDN myidentity api

PDRM is apparently also trying to block the sale of the database, while investigating the case with the MCMC, CyberSecurity Malaysia and National Cyber Security Agency. PDRM has not ruled out the possibility of this being an insider job. The case is being investigated under Section 4(1) of Computer Crimes Act 1997.

In the meantime, LHDN is reassuring the public that the data in their systems are well protected with verified data security technology. They are also claiming that there was no database leak.


Pokdepinion: I sure hope there was actually no data leak and that this is all a hoax… Not sure what unscrupulous people can do with so much detail on 4 million people.

About The Author
Vyncent Chan
Technology enthusiast, casual gamer, pharmacy graduate. Strongly opposes proprietary standards and always on the look out for incredible bang-for-buck.

Leave a Response