PETALING JAYA: Selangkah has issued a press statement denying the alleged data breach reported yesterday (Feb 28), saying that the data uploaded for sale on a hacking forum was not from its databases.
“We would like to address the recent allegations regarding data breach involving personal data purportedly retrieved from online sources.
“We would like to clarify that the data in question was not from our databases. Personal data stored within Selangkah databases has not been compromised and remain secured,” it said.
It further reassured users that it would continue implementing and maintaining best practices to ensure the privacy and security of user data.
On Monday (Feb 26), a user posted on a data leak forum claiming to be in possession of data belonging to over five million users which they alleged was sourced from “Selangkah.my”.
Based on the sample data included with the post, the database included personal identifiable information such as full name, MyKad number, MySejahtera user ID, age, gender, email, contact number and medical information.
The post listed the database for sale at US$1,000 (RM4,761).
Selangkah also advises users to contact its customer service team through the app should there be any further inquiries or concerns.
A spokesperson with the National Cyber Security Agency (Nacsa) previously stated that the agency is investigating the veracity of claims made regarding the five million user data by the forum poster.