Malaysia’s online payment gateway iPay88 recently released a public statement addressing a cybersecurity incident that occurred on May 31, 2022, that resulted in a system breach. The company believes that attackers may have potentially compromised users’ card data.
iPay88 in its statement explained that it instantly started an investigation the moment the problem was first discovered back on May 31, 2022, and brought in cybersecurity experts to resolve it. Furthermore, it is reported that the containment process was completed successfully, and no further suspicious activity has been detected since July 20, 2022.
Following that media statement, Bank Negara Malaysia (BNM) stated that the data breach incident was caused by the company’s card payment system and it does not have anything to do with the frailty of the banking institution’s system.
For your information, iPay88 is incorporated into the majority of local online banking services, including CIMB, Maybank, HongLeong, OCBC, RHB, and AffinBank, as well as e-wallets payment methods such as GrabPay, Boost, Touch ‘n Go eWallet, WeChatPay, ShopeePay, and Setel.
BNM also confirmed that the forensic investigation is still underway. The central bank added that it has instructed the banks to immediately inform the cardholders involved about the additional protection measures that will be taken to further protect users from the risk of fraudulent or unauthorized transactions.iPay88 also assured that more details and updates will be provided in due course and all financial institution partners have been kept informed and updated.
In the meantime, the Association of Banks in Malaysia (ABM) and the Association of Islamic Banking and Islamic Finance Institutions of Malaysia (AIBIM) assured customers that they could continue to use their bank cards as usual and reminded them to review their bank statements and notifications of their transactions from the bank on a regular basis.