A NUMBER of Malaysians have discovered that they are the victims of data theft after running a check with sayakenahack.com, a website set up by a tech blogger after lowyat.net reported that an individual was attempting to sell on the forum the personal data of millions of Malaysians obtained through a security breach.

The Star Online today reported that a company secretary and an engineer were among those who found out their names and MyKad numbers had been used to register for mobile phone lines.

The company secretary, who asked to remain anonymous, said an unknown prepaid number was listed as hers even though she had never subscribed to the cellular service provider.

“I have always been using another telco and my only number is a supplementary line to my husband’s for almost 15 years now. I’m guessing my personal information was stolen to register that prepaid number,” she told The Star Online.

An engineer, identified as Tan, 36, also discovered an unknown mobile numbers registered in his name.

“That stray number is not even one I used previously. How did someone else register a number using my details?” he said.

Malaysian Communications and Multi­media Commission (MCMC) network security and enforcement sector chief officer Zulkar­nain Mohd Yassin told The Star Online that the discoveries were likely cases of people using another person’s identity to register.

He advised mobile subscribers who have discovered the breach to check with their service providers the accounts registered in their names and MyKad numbers.

“The service providers have facilities to check these numbers. We also advise users to lodge a report with their service providers and the MCMC.

“We are serious about this. That’s why you see many compounds issued by the MCMC to service providers in respect of non-compliance with the guidelines of prepaid registrations,” he said.

Web-based utility sayakenahack.com was created by Keith Rozario to  allow mobile phone subscribers to check if their phone number was one of the 46.2 million accounts that was compromised in a recent data leak.

Rozario said that he had uploaded data from Maxis, Digi, Celcom and UMobile for telco users to check if they had been affected by the breach.

The website cross checks the user’s MyKad number with the data that had been leaked to determine whether a user’s mobile phone number is among the data that has been leaked.

More than 50,000 Malaysians have used the utility so far. 

Lowyet-net reported on on October 19 that an individual was trying to sell the data of 42 million mobile phone accounts. The data included home addresses, MyKad numbers and SIM card data.
.
Bukit Aman Commercial Crime Investi­ga­tion Department director Comm Datuk Amar Singh said police were “working round the clock” in the probe into the data breach. – November 16, 2017.