Quann Malaysia, formerly known as e-Cop Malaysia, is announcing an official warning about how buyers can anonymously purchase 46.2 million Malaysian mobile users’ data for a mere RM32,000 (estimated at current price).
The warning follows the recent revelation that 46.2 million Malaysian mobile users’ data was on sale for 1 Bitcoin (RM32,000). Just last week, samples of a list containing Malaysian mobile users’ data from telecommunication companies from 2014 went on sale, which includes postpaid and prepaid numbers, customer details, addresses as well as sim card information.
Such information has the risk of being used by hackers to carry out social engineering attacks to trick users into divulging financial information and passwords or phone cloning, where the identity of the user is copied to another phone.
Ivan Wen, General Manager of Quann Malaysia says: “It is almost impossible to stop any sale of the leaked data, unless the affected companies pay a ransom to the hacker or data thief. However, paying a ransom does not guarantee that the data will not be leaked. As such, we do not encourage companies to do so. This extremely attractive pricing for so much data will lead to a rise in the number of buyers who are confident they cannot be tracked.”
It is still not clear at this stage if a ransom has been demanded from the telecommunications providers. However, since the sale will be in Bitcoin, any company or person can anonymously purchase the whole list from this anonymous hacker.
Currently, while Bitcoin transactions are transparent online, the identities of both the seller and buyer will remain anonymous and cannot be tracked. Wen also adds that only a few countries are left that have yet to put in place a proper KYC (Know-Your-Customer) regulations regarding Bitcoin purchases.
“It is high time that we take a different approach to dealing with the spiralling number of worldwide ransomware demands. We hope that regulators and policy makers will take action to put in more defined processes and regulations to track the purchase and dealings in Bitcoin among Malaysians, so that fraudulent (data) purchases can be tracked,” he continues.
He also advises Malaysians who have not changed their SIM cards since 2014, to replace their SIM cards as soon as possible, suggesting that telecommunications company to allow users to do this free of charge, which will encourage quicker resolution to this matter.