Malaysian mobile operator Maxis Berhad is investigating an alleged cybersecurity incident after the hacker group R00TK1T claimed to have breached its infrastructure and threatened to expose a “treasure trove of customer data”.
The company said it “did not identify anything related to our systems but has found a suspected incident involving unauthorised access to a system belonging to one of its third-party vendors that reside outside of Maxis’ internal network environment.”
Maxis said it is working with the third-party vendor to investigate the issue further and meanwhile has informed the relevant authorities.
“Our customers’ privacy and security are of the utmost importance to us, and our ongoing priority is a thorough assessment and containment,” it added.
The firm said it will implement additional defence measures to reduce any further risk.
The R00TK1T group known for its sophisticated cyber intrusions and software exploits that target government organisations and private sectors, earlier today claimed that they have gained access to Maxis’ backend system.
It threatened to release customer data acquired from the alleged attack, exposing the vulnerabilities in the telco's security systems.
Maxis Communications is the latest victim since R00TK1T issued the first warning last week that Malaysia will be their next target of attack.
The group claims to have breached the network solutions and system integrator Aminia in Malaysia. It has also defaced and breached a local tutoring course website, YouTutor, and stole a database containing 1,886 lines of user data.
Security measures
Malaysia's National Cyber Coordination and Command Centre (NC4) acknowledged the threat and issued an advisory to all organisations to strengthen their digital infrastructure.
The NC4 team said it believes the hacker group was part of a “retaliation team” that acts upon cyberattacks ignited by the ongoing conflict in the Middle East.
It added that the hacker group usually exploits known vulnerabilities, while also obtaining assistance from insiders and disgruntled employees to carry out cyberattacks.
