How the telcos got hacked?

3 years ago

The story about the personal data of millions of Malaysians up for sale is not going away.

One Keith Rozario has stepped up to the plate and set up a place, which is not connected to any server, for people to check:

But before you do so, please read this:
Basically, anyone can access this site and get your mobile phone details by keying in your IC number.

Even though Keith has masked the numbers, he claims they can be easily hacked from the internet.

He is making a point.
That’s perhaps how Maxis, Digi, and rest of the telcos got hacked.
We don’t know how much we can addd to this alarming dilemma.

The Malaysian Communications and Multimedia Commission (MCMC) is watching the space, but the problem may be insurmountable for them.
Derek Tan, Partner for Content & Social at ENTROPIA shares, “I believe the biggest concerns on privacy will start to gain mainstream attention in our region, especially when the rage this morning has been echoed on CIMB’s loss of magnetic tapes of customer data.

“Most brands and organizations often use convenience and accessible pricing as compromises to stakeholder interest at the heart of new age data architectures and storage of data.”

He continues, “The constant brushing aside of the extent of damage as the go-to approach in preserving reputation will no longer be tolerated as an acceptable stance. While CIMB stands commendable in proactively reaching out, there is a gap in how prepared Malaysian organizations are in protecting the best interests of the stakeholders while presenting solutions that prevent such occurrences with adequate transparency.”

CIMB said in a statement today said, “”The back-up tape data does not contain any authentication data such as PINs, passwords or credit card CVV numbers.”

“Although this was an isolated incident, we have reviewed and further strengthened our security and internal processes to ensure we remove the possibility of it recurring,” said CIMB Group Holdings Bhd chief executive officer Tengku Datuk Seri Zafrul Tengku Aziz.

Chief Data Officer of Dentsu Aegis Network (DAN) Malaysia, SueAnne Lim, adds, “The proliferation and the possibility of utilizing data to create and capture value is what’s making data extremely valuable to companies.

“As there are many new digital-based media platforms sprouting out saying they can capture data on consumers’ whereabouts and behaviour, and corporations looking to harness their own customers’ data for business intelligence.”

“Suddenly, a lot more people have direct access to handle customers’ information.

“And when legal compliance and information security do not measure up at the same speed, or worse, not in place at all – then you suddenly have a huge incremental risk in data breach and leaks.”

“No one can or should assume their systems and data teams are foolproof because technology evolves every day. In DAN, we have proactively formed a Risk & Compliance Committee that ensures our data strategy goes hand in hand with legal counsel and IT security.”

Many people have also been receiving emails like this one below of late…..