[ad_1]
An unidentified group has claimed that it has managed to establish vulnerabilities inside the ePenyata Gaji which is the wage information system for Malaysian civil servants. Along with that, the group has additionally claimed that it has managed to breach the system and acquire a major quantity of information from the system with the assistance of safety vulnerabilities.
In accordance with the assertion from the group which was printed by Sin Chew Every day, amongst objects that it claimed to have obtained from ePenyata Gaji is a database in JSON and CSV format which has greater than 1,000,000 rows of identities. Among the many info that apparently contained inside the database contains full identify, MyKad quantity, place, division, pay slip quantity, cell phone quantity, and e-mail handle.
Moreover, the group additionally claimed that it has extracted virtually two million pay slips and tax types in PDF format with a complete file measurement of 188.75GB. SinChew famous that it has sighted a number of screenshots that the group has connected in its assertion that embody pay slips of a number of notable politicians akin to Finance Minister Tunku Zafrul, former Deputy Finance Minister Ahmad Zahid Hamidi, and former Speaker of the Dewan Rakyat Mohamad Ariff Md Yusof.
Within the assertion, the group additionally claimed that it has reached out to the Malaysian authorities by way of e-mail on 7 September. The e-mail was apparently despatched to a number of high-ranking officers akin to Chief Secretary Mohd Zuki Ali and Chief Safety Officer Rahimi Ismail in addition to the Auditor Basic’s workplace.
The group famous that the federal government was given till 12 September to reply however nothing occurred. Therefore, the group now plans to promote all of the objects that it has extracted from ePenyata Gaji on a number of well-known database marketplaces ranging from 19 September onwards.
ADVERTISEMENT
Right here is the redacted model of the total assertion from the so-called gray hat group:
Whereas we’ve no means to confirm any of the claims above since we didn’t obtain the assertion ourselves, the timeframe that was talked about within the group’s assertion did match the latest upkeep actions that have been deployed on ePenyata Gaji although. It’s unclear when precisely they came about however they have been famous on Nationwide Audit Division’s Fb web page on 9 and 13 September.
In actual fact, the ePenyata Gaji’s website was certainly down once we visited it at 8:40 PM at present though it’s already up once more once we visited it two hours later.
In the meantime, this case is already below investigation by the police, in keeping with Sin Chew’s report. That being mentioned, there isn’t a official assertion from the authorities thus far which can not bode effectively for civil servants on the market given how their private information could possibly be simply misused if this information breach did occur.
Observe us on Instagram, Fb, Twitter or Telegram for extra updates and breaking information.
[ad_2]
Source link
