Hacker claims data breach on Telekom Malaysia, stealing data of 20 million users

Telekom Malaysia (TM) has apparently been hit by a serious data breach incident, as reported by a user on a dark web breached forum. The user claimes that on January 24, 2024 they have stolen TM's complete customer database, containing nearly 200 million entries, with about 20 million being effective user data.

To support this claim, the user posted screenshots allegedly showing TM’s customer database architecture documentation, which details the structure, design, and functionality of the company’s database system. These documents span 161 pages.

Per the claims, the data breach includes sensitive customer details such as:

• names,
• MyKad numbers,
• addresses,
• phone numbers,
• salary ranges,
• occupations,
• religious beliefs,
• marital statuses.

The details of the attack are not clear.

The user is also offering to sell the stolen data back to TM, stating that it will not be sold to others if TM accepts the offer.

TM has issued a statement confirming the receipt of a ransom note and the initiation of a thorough investigation. The company stated that the alleged stolen data sets are "pre-processed, recycled, and dated, probably trying to calm users that it's old data. This over-complicated statement gives very little confidence for users.

This incident follows two previous data breaches experienced by TM. In July 2023, a data breach affected a select number of Unifi customers. Another breach in December 2022 affected 250,248 Unifi Mobile customers.