Telekom Malaysia Breach Exposes Historical Unifi Customer Data

What Happened

On January 15, 2024, Telekom Malaysia (TM), the country's largest telecommunications provider, confirmed a data breach involving historical personal data of its Unifi customers. The company discovered the incident after users reported receiving SMS notifications about the compromise.

Impact

The breach exposed sensitive customer information, increasing the risk of identity theft, fraud, and targeted phishing attacks. The compromised data includes:

• Full Names
• National ID and Passport Numbers
• Contact information (phone numbers, email addresses)

TM has explicitly stated that no financial information, such as credit card or banking details, was affected by this incident.

Response

In response to the breach, Telekom Malaysia initiated several actions to mitigate the damage and protect customers. The company sent SMS notifications to all affected individuals, immediately began strengthening its system defenses to prevent further unauthorized access, and advised customers to be vigilant against suspicious communications. TM is also collaborating with relevant cybersecurity authorities and regulatory bodies to manage the incident.