Category: Data Breach News

Data Breach Summary

A significant security breach has been detected by InsecureWeb, a leading cybersecurity company, affecting the Malaysian Social Security System website, Perkeso.gov.my. The breach, known as “Perkeso 12-2023 leaked by frog 16-12-2023,” was discovered by InsecureWeb on December 16, 2023, on a dark web forum, Leakbase.io. The breach resulted in the exposure of a substantial amount of sensitive data, including emails, phone numbers, employer codes, employer names, and IDs.

Where and How?

The security breach occurred on Perkeso.gov.my, the official website providing information about the social security system in Malaysia. The hacker, known as “frog,” published the stolen database on Leakbase.io, a notorious dark web site. The compromised information, totaling 498MB, poses a significant risk to the affected individuals and organizations. The breach highlights the vulnerability of Perkeso.gov.my’s infrastructure, raising concerns about the security measures and safeguards in place to protect personal and confidential data.

A Screenshot of the data can be found below:

Company Data Breach History

Perkeso.gov.my, prior to this incident, has had no known history of security violations or data breaches. However, it is important to note that the absence of publicized breaches does not guarantee the absence of prior incidents. While this breach is the first known security breach affecting Perkeso.gov.my, it serves as a reminder of the constant need for vigilance and robust security protocols to safeguard sensitive information.

Recommendations for Personal Data Protection

How Users Can Protect Their Information

To protect their personal information and accounts from being compromised, users should take the following steps:

– Change their passwords frequently, with a combination of letters, numbers, and symbols.

– Enable two-factor authentication whenever possible.

– Use unique passwords for each account, to prevent hackers from accessing multiple accounts with the same password.

– Be cautious of suspicious emails or messages, as they may contain phishing links that can compromise their accounts.

– Regularly monitor their accounts for any suspicious activity.

What is InsecureWeb?

InsecureWeb is a Dark Web monitoring service that keeps track of recent data breaches and tracks their impact by monitoring the darkest places of the internet.

Our commitment lies in providing top-notch cybersecurity services to our clients. Through continuous monitoring of the dark web and advanced threat detection methodologies, we strive to identify potential breaches promptly, enabling swift response and mitigation efforts. With our state-of-the-art tools and expertise, we prioritize the confidentiality, integrity, and availability of our clients’ data.