(File pix) The massive online breach of information on over 46 million mobile phone subscribers in Malaysia is believed to have occurred during a data transaction. Reuters Photo

KUALA LUMPUR: The massive online breach of information on over 46 million mobile phone subscribers in Malaysia is believed to have occurred during a data transaction.

Inspector-General of Police (IGP) Tan Sri Mohamad Fuzi Harun said initial investigation has revealed that the breach could have occurred during a data transfer, when a number of crooked employees of a company were able to take advantage of the situation.

“We have some leads pertaining to the case and we have identified those involved.

“Further action will be taken (against the alleged culprits),” he said, adding that the company for which they worked is not involved in the crime.

When asked if the source of the breach has been identified, Fuzi said police are still investigating the matter.

“I cannot confirm the source of the leak, but we have leads on how it happened. (It was) not (the work of a) syndicate,” he said.

Fuzi said investigators are currently working with telco companies to pinpoint the source of the leak, but the motive has yet to be established.

The data breach was first reported last month by the public online forum Lowyat.net, which said it had received information that someone was trying to sell huge databases of personal information.

The databases comprise the mobile phone numbers, identification card numbers, home addresses and SIM card data of 46.2 million customers of at least 12 Malaysian mobile phone operators.

The databases are also believed to contain private information of more than 80,000 individuals, leaked from records of the Malaysian Medical Council, the Malaysian Medical Association, and the Malaysian Dental Association, Lowyat.net reportedly said.

On the matter of CIMB’s lost tapes incident, Fuzi said an element of negligence is believed to be behind the case.

“Initial investigation reveals that the staff managing the tapes could have been negligent,” he said, adding that police have ruled out sabotage.

On Nov 8, CIMB said several magnetic tapes containing back-up data were lost in transit during routine operations.

Some of the tapes contained information on the customers of CIMB Bank and its subsidiaries.

CIMB Group Holdings Bhd has heightened security measures across all channels since the incident.

5,542 reads