A group of local hackers calling them self GaySec claimed that they have breached the Celcom system. The group released a list of names and other related information early Sunday morning, which they claim belongs to Celcom customers.
The customer data that were leaked, believed to be taken from Celcom’s database in 2012, contains some 3,000 names, including part of their IC and mobile numbers. The hacker group has since taken down the post(yesterday). However the list remained online.
MalaysianWireless has managed to obtain a copy of the list. Part of the screenshot below:
Celcom has been contacted for a comment yesterday, but they have yet to respond at the time of writing. However, an anonymous source in MCMC/SKMM told MalaysianWireless that they are aware of this matter and currently investigating the claim.
At the point of writing, the GaySec Facebook page appears to have disappeared or deleted.
This is not the 1st time that GaySec have breached a Telco system. In October 2011, the group claimed responsibility for breaching the Maxis website. Despite no customer data were leaked, the intruder posted a screenshot of the Maxis website directory.
MalaysianWireless will further update this article with a statement from Celcom/SKMM, if there are any.
Update 1 (1.30pm, 13 November): Celcom has sent MalaysianWireless the following statement:
Celcom takes our customers’ personal data very seriously and is conducting an investigation into the claim. We have thoroughly tested our systems for any possible compromises to historical data and as of now have not found any breach. We are working closely with the relevant authorities and would like to assure our customers that we make every effort to protect their information in accordance with the law.