In a statement that was sent to Lowyat.NET earlier today, Maybank said that it has completed the internal investigation on the matter and found that the claims were not true. Here is the said statement, reproduced in full: A version of it was published on the bank’s Twitter as well. For those who missed the news, a listing at a database marketplace forum dated 25 December was offering a database with 1.8 million lines that were allegedly sourced from Maybank. In the same listing, the seller was also offering two other datasets from Astro and Election Committee (SPR) that were said to contain 10.7 million lines. A few hours after the existence of the listing was known to the masses yesterday, Maybank has publicly addressed it by releasing a statement saying that the bank has not experienced any data breach and it already initiated an internal investigation. Not long after that, Communications and Digital Minister Fahmi Fadzil noted in his statement that the initial investigation found that the account numbers contained within the sample data in the listing were invalid. The minister also said that a restriction notice has been submitted to the Malaysian Communications and Multimedia Commission (MCMC) in order to block the public from accessing the marketplace forum. We actually already encountered the blockage way before the statement was released to the public although those who are tech-savvy enough can easily overcome it and our quick check showed that the listing is still up on the marketplace forum at the time this story is published. Even though the bank said that the data leak claims were false, let’s not forget the “Maybank” database inside the listing still contains someone’s personal data. So, we reckoned that the authorities still have to continue their investigation in order to trace the origin of the databases that were featured in the listing and take appropriate actions.
