What happened in the alleged Malaysian government websites breach?

Cybercriminals have allegedly compromised more than a dozen Malaysian government websites and are offering unauthorized access to these critical systems for sale on a dark web forum. The threat actor claims to possess both live access to the compromised government systems and complete data dumps from the affected organizations.

Which Malaysian government organizations were allegedly affected by the breach?

The government entities allegedly affected include the National Registration Department (JPN), MyGovernment portal, Radio Televisyen Malaysia (RTM), Ministry of Health, Ministry of Defence, Ministry of Foreign Affairs, and Ministry of Higher Education.

What types of data were allegedly exposed in the Malaysian government breach?

Exposed data types allegedly include VPN account connection information, shell access credentials, network and web databases, subdomain information, and local file-sharing details.

What do security experts think about the asking price for the Malaysian government breach?

Security experts note that the US$20,000 asking price appears unusually low for such extensive government access. An anonymous cybersecurity expert suggested this could indicate either that the compromised data is not critical, or that the breach was conducted by inexperienced individuals who may not fully understand the true value of the access they obtained.

What is the National Registration Department (JPN) and why is its compromise significant?

The National Registration Department (JPN) handles citizen identification records in Malaysia. A compromise of this organization could potentially expose sensitive personal information of Malaysian citizens, making it a particularly critical target.

Why did the cybercriminals choose Monero cryptocurrency for payment?

The cybercriminals are accepting payments exclusively in Monero cryptocurrency to maintain transaction anonymity. Monero is known for its privacy features that make transactions much harder to trace compared to other cryptocurrencies like Bitcoin.

Has the number of affected individuals in the Malaysian government breach been disclosed?

No, the nature of the attack and number of affected individuals have not been disclosed. The full scope and impact of the alleged breach remain unclear pending official investigation by Malaysian authorities.

Incident

Threat actors claim breach of over a dozen Malaysian government websites

Q: How much are the cybercriminals asking for the Malaysian government access?

The hacker is offering to sell access to the systems for US$20,000 (approximately RM85,500), with payments accepted exclusively in Monero cryptocurrency to maintain transaction anonymity.

published: Aug. 4, 2025

Learn More

Cybercriminals have allegedly compromised more than a dozen Malaysian government websites and are offering unauthorized access to these critical systems for sale on a dark web forum.

The breach was posted on the Dark Forums website by a user identifying themselves as "Bigbrother," with the posting titled "First time breach/leak." The threat actor claims to possess both live access to the compromised government systems and complete data dumps from the affected organizations.

The government entities allegedly affected by this breach include:

National Registration Department (JPN), which handles citizen identification records,
MyGovernment portal that serves as a central hub for government services,
Radio Televisyen Malaysia (RTM), the country's national broadcaster.
Ministry of Health,
Ministry of Defence,
Ministry of Foreign Affairs,
Ministry of Higher Education

The nature of the attack and number of affected individuals are not disclosed. The hacker is ffering to sell the access to the systems for US$20,000 (approximately RM85,500), with payments accepted exclusively in Monero cryptocurrency to maintain transaction anonymity.

Exposed data types allegedly include:

VPN account connection information
Shell access credentials
Network and web databases
Subdomain information
Local file-sharing details

Security experts note that the asking price pricing appears unusually low for such extensive government access. An anonymous cybersecurity expert quoted by the media suggested that the relatively modest asking price could indicate either that the compromised data is not critical, or that the breach was conducted by inexperienced individuals who may not fully understand the true value of the access they have obtained.

Cybersecurity Malaysia, the country's national cybersecurity specialist agency, has been officially notified of this alleged breach and is presumably conducting investigations to determine the validity of the claims and assess the potential scope of any compromise. The agency has not yet released any public statements regarding the incident or provided guidance to potentially affected citizens.

Threat actors claim breach of over a dozen Malaysian government websites

Read More
Shasta County Health and Human Services Agency reports …
Philadelphia city email system breached, possibly exposing personal …
European Space Agency reports breach of external engineering …
NSW court website data breach affects 9,000 sensitive …
Supreme Administrative Court of Bulgaria hit by ransomware …