Malaysians personal data that includes selfies and MyKad information now at risk

Sourced from the MySPR system, over 800,000 Malaysian users’ personal data such as selfies and their MyKad used in Electronic Know Your Customer (eKYC) for the function of voting has been stolen.

Even worse, this information is now being offered for sale on a website forum for US$2,000 (RM9,240), with bitcoin or monero as the form of payment.

The database reportedly also includes voter information such as full names, MyKad numbers, email addresses, hashed passwords, phone numbers, birth dates, and addresses that have fallen into the hands of the uploader.

Despite the fact that @acaiijiwe’s tweet gained a lot of attention just yesterday, our own check to the database marketplace revealed that the listing actually happened back in April. 

In actuality, the National Registration Department (JPN) database, which was actually done by the same seller and generated a significant uproar back in May, was listed considerably later than the MySPR database.

The MySPR Daftar website, which was launched in 2019, allowed Malaysians to register to vote online. 

However, with the implementation of automatic registration this year, the MySPR system is no longer functional and can only be used to change voting addresses and apply for postal voting for eligible people who live abroad.

The Malaysian Communications and Multimedia Commission (MCMC) has not yet responded, according to CyberSecurity Malaysia (CSM), which stated it is still awaiting a response from its tech team.


MARKETING Magazine is not responsible for the content of external sites.



Subscribe to our Telegram channel for the latest updates in the marketing and advertising scene