Thursday, February 4, 2021

E-Pay Malaysia Customer Data Is Being Sold Online; Involving 380,000 Accounts


A significant number of user accounts belonging to local e-payment provider, E-Pay Malaysia has made their way to a popular database marketplace forum. According to the listing, the seller claims that the database which was dated January 2020 contained information belonging to 380,000 accounts.

The listing was first noted by Twitter user @Bank_Security  which often listed bank and cybersecurity threats from all over the world. The existence of the listing was then spread like wildfire after it was made viral by local IT-oriented Facebook page, OMG Hackers.

The seller claimed that the database contained a user name, e-mail address, date of birth, contact address, and a mobile phone number. However, the account password and related tokens have apparently been masked.

Our quick check into the said forum showed that the listing has been removed though. That being said, we have discovered through a search cache that the seller is offering the database for just USD 300 (~RM 1,216).


Even though the listing is no longer there in the said forum, we highly recommend all E-Pay Malaysia’s customers and merchants out there to change your password. We are now attempting to reach out to E-Pay Malaysia for clarification as well as the Malaysia Computer Emergency Response Team who apparently have been alerted about the listing.

No comments:

Post a Comment

Quest VR Headsets To No Longer Require A Facebook Account For Login

Meta has recently announced that a Facebook account is no longer needed for Quest VR headset logins. Instead, owners are now required to cre...