Malaysian Digital Ministry reviewing claims of data breach at LPPKN by ROOTK1T

The National Population and Family Development Board (LPPKN) of Malaysia has announced it was the target of a cyberattack by the hacker group R00TK1T on its iKnow server on February 19. The hackers claimed to have exfiltrated over 27TB of data from LPPKN's servers, a claim that caused initial concern on social media and among government officials about the security of the broader Padu database.

However, LPPKN assured that this breach did not compromise any vital public data or disrupt its service offerings, emphasizing that the affected information was solely for internal use. This incident involved a specific unit within LPPKN, also referred to as Padu, which is distinct from the federal government's central Padu database system.

It's not clear what data was exposed and whether any individuals are impacted by the breach.

The compromised server housed documents related to past programs by the now-defunct Padu unit, which LPPKN states are of no significant consequence to its current operations. Immediate steps were taken to restore and secure the affected systems, including a thorough malware scan of the compromised folders.

Economy Minister Rafizi Ramli and the Digital Ministry, headed by Gobind Singh Deo, clarified that the breach was confined to the LPPKN and did not impact the central Padu system.