Maxis has issued a statement declaring that its systems have not been compromised despite the claims made by the hacker group R00tk1t. The group had threatened to reveal significant customer data after allegedly breaching the telecommunications company’s infrastructure. However, Maxis did acknowledge a potential unauthorized access incident involving a third-party vendor’s system.
The telecommunications company immediately initiated an investigation upon receiving the report of a cybersecurity breach. Although no issues were found within its own systems, Maxis identified a suspected incident of unauthorized access in one of its third-party vendor systems located outside of its internal network environment. The company did not disclose the identity of the third-party vendor but assured that it would collaborate with them for further investigation and has also informed the relevant authorities.
Maxis emphasized the importance of customer privacy and security, stating that their primary focus is on conducting a thorough assessment and containment of the situation. The company also assured that additional defense measures are being implemented to minimize any potential risks in the future.
R00tk1t, on the other hand, posted screenshots in its Telegram group which appeared to show a database of users. While the screenshots did not contain personally identifiable information (PII), they did reveal details such as the type of user affected, the model of their router or modem, and what seemed to be a serial number for each line. It is unclear whether the hacker group possesses additional data that was not included in the sample screenshots. Based on the information in the screenshots, it appears that the data pertains to broadband users rather than mobile subscribers.
Notably, R00tk1t had previously announced its intentions to target the Malaysian Internet infrastructure on January 26. Subsequently, the group claimed to have breached Aminia, a local palm oil and network solutions company, on January 30. Aminia also provides cloud services, Internet of Things (IoT) technologies, and networking equipment. R00tk1t posted a screenshot that purportedly shows a back-end dashboard belonging to the company.
More recently, on February 4, the hacker group allegedly defaced and breached the website of a local tutoring course company called YouTutor. They claimed to have stolen a database containing 1,886 lines of user data and shared a zip file with an Excel sheet of the database. The leaked database reportedly included PII such as full names, addresses, email addresses, phone numbers, MyKad numbers, and user IDs belonging to the company’s staff, teachers, and students.
Maxis and other targeted companies are working diligently to address the potential cybersecurity threats and ensure the safety of their customers’ data. The authorities have also been alerted to these incidents, and investigations are ongoing to mitigate any further security risks.