Maybank has confirmed that recent allegations regarding a supposed customer data leak from its database are false. This came following its investigations after the bank was alerted of the claim at the end of last week.

In a statement, Maybank reassured customers that their banking data have not been compromised, and remain secure and private. “Maybank will continue to prioritise its cybersecurity and data protection measures as customer data protection is of utmost importance to the bank,” it said.

#MBBAlert Dear Valued Customers,

With regards to the alleged claim of a customer data breach, after internal investigation we can confirm that these accusations are false.

(1/2)

— Maybank (@MyMaybank) December 31, 2022

For context, a Facebook post had claimed last week that the data of 1.8 million Maybank customers had been leaked and posted on a database marketplace, along with those from Astro (3.5 million subscribers) and Suruhanjaya Pilihan Raya (SPR) (7.2 million voters). Said to have been posted on 25 December 2022 (7.56pm), the leaked information allegedly included each individual’s login ID, full name, date of birth, address, and identity card number.

Following that, Maybank issued a statement saying that it will investigate the claims as it “has not experienced a data breach” in its system. It also took the opportunity to reiterate its commitment to safeguard the security, privacy, and integrity of its data and systems.  

Meanwhile, Communications and Digital (KKD) Minister, Fahmi Fadzil noted that early investigations carried out by his ministry found that the Maybank account numbers contained within the sample data are invalid – which means transactions cannot be carried out using the data. He also revealed that there is a possibility the data could be related to an earlier data breach incident that happened back in 2018.

[KENYATAAN MEDIA]

𝐊𝐊𝐃 𝐒𝐈𝐀𝐒𝐀𝐓 𝐃𝐀𝐊𝐖𝐀𝐀𝐍 𝐊𝐄𝐁𝐎𝐂𝐎𝐑𝐀𝐍 𝐃𝐀𝐓𝐀 𝐌𝐄𝐋𝐈𝐁𝐀𝐓𝐊𝐀𝐍 𝐌𝐀𝐘𝐁𝐀𝐍𝐊, 𝐀𝐒𝐓𝐑𝐎 𝐃𝐀𝐍 𝐒𝐏𝐑

YB Fahmi Fadzil
Menteri Komunikasi dan Digital

30 Disember 2022 #kementeriankomunikasidandigital #KKD pic.twitter.com/fbDwpWcnTd

— Kementerian Komunikasi (@komunikasi_gov) December 30, 2022

The minister also highlighted that KKD is still investigating the claims with the support of CyberSecurity Malaysia, via the Personal Data Protection Department. Additionally, the Malaysian Communications and Multimedia Commission (MCMC) has been directed to block access to the database marketplace.

Separately, Astro also launched its own investigations into the allegations and found that they, too, have not experienced any data breach. It added that necessary security measures have been taken to protect the sensitive information of its customers, and that further updates will be shared if there are more discoveries. SPR, meanwhile, has yet to issue any statements regarding the matter.

(Sources: Maybank, The Star)

• TAGS:
• Astro
• Communications and Digital Ministry
• CyberSecurity Malaysia
• Data Breach
• Fahmi Fadzil
• Maybank
• MCMC
• Personal Data Protection Department
• Suruhanjaya Pilihan Raya (SPR)