It seems like the National Registration Department (JPN) has sprung a leak again. This time data of approximately 22.5 million Malaysian adults that were born between 1940 to 2004 has gone up for sale.
The seller claims that data was obtained through the myIDENTITY API – a central data repository for the public sector that is used by over 104 government agencies.
The asking price for the 160GB of data is 10,000USD in cryptocurrency.
This latest leak was first highlighted by Amanz.
It is similar to the leak that we saw last year where data of 4 million Malaysians allegedly taken from myIDENTITY API went up for sale.
In response, Home Minister Datuk Seri Hamzah Zainuddin denied that there were any leaks.
However this time the seller also posted the full address and MyKad number of the Home Minister as if to prove a point.
Last month the same seller put up for sale what they claim to be MyKad selfies and data of 800k Malaysians taken from the Election Commission of Malaysia (SPR). The asking price for this information is 2,000USD
So What Can We Do About It?
While the security of these databases is in the hands of the authorities and they certainly should do something to prevent this from happening again, as everyday Malaysians there are things that we can do to protect ourselves as well.
Firstly, we need to be aware of scammers and their tactics. Polis Diraja Malaysia Twitter page has been doing a good job sharing information on scammers and how to avoid them.
Be sceptical whenever you are contacted and money enters the conversation. Just because the person on the other end of the line knows some of your personal information, doesn’t mean they are legitimate.
Always resist the pressure to act immediately. Instead, double-check the agency or person who is asking you for money by calling them back through a known, genuine, or official contact number.
Even if the leaked database is not real, these basic tips may help you avoid losing your hard-earned cash to some lowly scammer.