46.2 million mobile numbers have appeared online following a data breach that affected several Malaysian telecommunication companies. The incident involves 15 Malaysian telcos and mobile virtual network operators (MVNO). Included in the leak are customers' mobile numbers along with their personal and device information. Of note, those exposed details contain customers' IMEI and IMSI numbers that can help identify a device based on its SIM card.
A screenshot of one of the affected telco's customer database. (Source: Lowyat.net) Malaysian Internet forum and technology magazine website Lowyat.net first learned of the breach in mid-October 2017 when it received a tip that someone was attempting to sell several large databases of personal information on its forums. It subsequently decided to review the databases. This analysis revealed the telco customer database along with three databases belonging to the Malaysian Medical Council (MMC), the Malaysian Medical Association (MMA), and the Malaysian Dental Association (MDA). Lowyat.net notified the Malaysian Communications And Multimedia Commission (MCMC) at the time of publication. A day later, the MCMC requested that the technology magazine website take down the original article. But a day after that on 20 October, the Commission published a statement on Facebook confirming an ongoing investigation into a data breach involving several telcos. Lowyat.net's original reappeared that same day. In a subsequent post, Lowyat.net reveals the breach likely occurred back in May and July 2014. It's therefore difficult to determine how long the data has been available for sale on the web or how long the hackers maintained access to the affected companies' systems. Those responsible for the attack might have spent years gathering all that information. Dr. Mazlan Ismail, the chief operating officer of the MCMC, said the Commission is currently working with all Malaysian telecommunication companies to determine how the data breach occurred. As he told Malay Mail Online:
"This is to ensure that they understand what is happening now, especially when the police, through the Commercial Crime Investigation Department, visit them to investigate. Communications services cannot escape the security aspects, [service providers] must work together, and safety features are important to gain the trust of consumers."
Meanwhile, Lowyat.net is asking all telco companies implicated in the breach to begin replacing affected customers' SIM cards. With a population of 32 million, it's possible the breach affected the entire country of Malaysia along with foreigners who might have received a pre-paid number while traveling there.
Mastering Security Configuration Management
Master Security Configuration Management with Tripwire's guide on best practices. This resource explores SCM's role in modern cybersecurity, reducing the attack surface, and achieving compliance with regulations. Gain practical insights for using SCM effectively in various environments.