Recently, a hacker from BreachForums alleged that they have obtained as much as four million customers’ data from local telecommunications provider U Mobile, which contained personally identifiable information (PII) including names, NRICs (MyKad numbers), phone numbers, and addresses. The hacker is also asking for $5,000 (~RM23,245) in Bitcoin to potential buyers of the data.

“Our data is secure”, Says U Mobile
However, U Mobile has since released a statement addressing the claims. Here’s what they said in full:
U Mobile confirms that the sample which was posted on BreachForums on 16th July 2024 is old data from 2014. The sample also corresponds to breached data from the incident reported in 2017 that involved leakages of personal information of over 46 million users across various Malaysian organisations, dating back to 2014.
Once again, U Mobile confirms no evidence of unauthorised access into our database was found. We are confident that our data is secure, and we would like to assure our customers that we put the utmost importance on cybersecurity and extensive measures are taken to safeguard our customers’ data.
As The Star reports, National Cyber Security Agency (NACSA) is currently investigating the incident, though preliminary findings indicate that some information from the sample are incomplete, with missing NRICs and addresses. NACSA is the government agency responsible for overseeing cybersecurity incidents in Malaysia.
Pokdepinion: Good to hear no new information is breached for now.