
What Malaysia’s Data Breaches Reveal: Insights for Leadership

July 29th, 2025

Contributor: Sreelakshmi M P


Who should read this?

CEOs
CTOs
CISOs
Cyber Security Managers

Data is one of the most valuable assets for any organization, whether it’s customer information, financial records, or business strategies. As businesses become more data-driven, ensuring its security has become more critical than ever.

However, the growing number of data breaches in Malaysia reveals a stark reality: many organizations are still underprepared. Cyber criminals are targeting valuable data, exploiting it for financial gain through ransom demands, selling it on the dark web, or using it for other malicious purposes. This has led to significant risks for organizations, from financial losses to reputational damage.

It’s clear that these threats cannot be ignored, and proactive measures must be taken to safeguard data before an attack occurs. In this blog, we’ll examine some of the most notable data breaches in Malaysia and the effective strategies for enhancing cyber security.

A Closer Look at Malaysia's Most Notable Data Breaches

In recent years, Malaysia has witnessed several significant data breaches, exposing vulnerabilities in many systems. These incidents highlight the increasing risks associated with inadequate cyber security measures and emphasize the urgent need for enhanced security practices across all sectors.

  1. Prasarana Malaysia Berhad RansomHub attack: In October 2024, the transportation giant Prasarana Malaysia Berhad became the target of a ransomware attack by the notorious hacker group RansomHub. The breach resulted in the theft of 316 GB of sensitive data, including operational details and employee personal information. This attack disrupted public transport services and left the organization grappling with recovery efforts. The breach highlights the increasing vulnerability of critical infrastructure, as cyber criminals target high-profile organizations to exploit their valuable data for financial gain.

  2. senangPay payment gateway breach: senangPay, a popular Malaysian payment gateway, fell victim to a data breach in August 2024 when an external hacker gained access to several employee email accounts. The exposed data included sensitive financial information, which the attacker threatened to sell on the dark web. The hacker claimed to have stolen personal information such as names, Malaysian IC numbers, and financial details, and demanded a ransom of 2 BTC. The breach highlighted the risks associated with third-party service providers and the need for heightened security. While senangPay assured that no disruption to its services occurred, the breach underscored the importance of protecting sensitive customer data.

  3. Big Pharmacy RansomHub attack: Big Pharmacy, one of Malaysia’s leading healthcare chains, suffered a breach in October 2024 when RansomHub targeted its internal systems. The breach exposed a significant amount of sensitive customer data, putting both patient privacy and the organization’s reputation at risk. Reports indicate that 50 GB of data, including clinical laboratory reports, medical certificates, prescriptions, and invoices, was exfiltrated by the hacker group. This incident underscored the vulnerabilities within the healthcare sector, where data security is critical, and emphasized the need for stronger protections in healthcare organizations against sophisticated cyber attacks.

  4. Kuala Lumpur International Airport (KLIA) ransomware attack: In March 2025, Kuala Lumpur International Airport (KLIA) experienced a ransomware attack that disrupted flight information systems, check-in counters, and other services. The attackers demanded a ransom of $10 million, which was refused by the Malaysian government. In addition to the ransom demand, Qilin, the hacking group responsible for the attack, claimed to have stolen 2 TB of sensitive data from Kuala Lumpur International Airport during the breach, further escalating the severity of the incident. Although operations were not significantly affected, the incident highlighted the vulnerability of critical infrastructure to cyber threats and the need for enhanced cyber security measures in the aviation sector.

  5. Telekom Malaysia data breach: In 2023, Telekom Malaysia (TM) confirmed a data breach involving the personal information of historical Unifi customers. The breach exposed sensitive data, including names, national identification numbers, passport numbers, and contact details, although no financial information was compromised. This breach underscores the vulnerability of telecommunications providers and the importance of securing personal data, especially in sectors that handle large volumes of sensitive information. The incident serves as a reminder of the growing cyber risks in the digital age and the need for constant vigilance.

Effective Tips for Leaders in Enhancing Cyber Security

In the wake of rising data breaches in Malaysia, it’s crucial for leaders of organizations to implement effective cyber security strategies to protect valuable data and maintain stakeholder trust. Here are some essential strategies that can help enhance data protection and strengthen cyber security across all sectors:

  1. Adopt a managed approach to cyber security: Many organizations lack a systematic, structured approach to cyber security, which often leads to an ad-hoc response to security threats. Without a formal framework in place, organizations struggle to assess, manage, and mitigate risks effectively. By adopting a managed approach like ISO 27001, organizations can create an Information Security Management System (ISMS) that helps streamline risk management, ensure compliance with international standards, and provide a solid foundation for ongoing security improvements. This structured approach minimizes the risk of overlooked vulnerabilities and ensures a proactive response to evolving cyber threats.

  2. Prioritize third-party security: In today’s interconnected world, organizations often rely on third-party vendors and service providers, which can expose sensitive data to additional risks. Many businesses overlook the security measures of their partners, leading to vulnerabilities that can be exploited. By prioritizing third-party security, organizations can evaluate and verify the cyber security practices of their partners through proper periodic evaluations. Ensuring that external vendors meet your security standards reduces the likelihood of a breach through external channels and enhances the protection of your sensitive information.

  3. Follow cloud security best practices: As more organizations migrate to the cloud, many overlook the importance of securing their cloud environments. Without following best practices for cloud security, sensitive data stored in the cloud becomes vulnerable to unauthorized access, cyber attacks, or data leaks. By using cloud services that offer encryption features, using multi-factor authentication, and regularly reviewing access permissions, organizations can significantly improve the security of their cloud-based systems. Implementing these best practices ensures that cloud data remains protected from external threats and maintains the privacy and integrity of your organization’s information.

  4. Focus on security awareness programs: A significant number of data breaches occur due to human error, often because employees are unaware of the latest cyber threats or the risks associated with handling sensitive data. Many organizations fail to provide adequate training to employees, making them more susceptible to phishing attacks, social engineering, and other security risks. Investing in security awareness programs equips employees with the knowledge to identify threats, handle data securely, and avoid costly mistakes. Periodic security awareness training helps reduce the risk of human error, turning your employees into an informed first line of defense against cyber attacks.

  5. Conduct periodic reviews of cyber security strategies: Cyber threats are constantly evolving, and many organizations fall behind by relying on outdated security measures. New risks may arise as the threat landscape changes, and business objectives or technologies shift over time. Too often, businesses fail to review their cyber security strategies, leaving their defenses vulnerable to emerging risks. Conducting periodic reviews of cyber security strategies ensures that your defenses remain strong and up-to-date. By staying proactive and continuously adapting to new threats, organizations can address weaknesses before they become major security issues.

  6. Implement Zero Trust Architecture (ZTA): In traditional security models, organizations often operate under the assumption that internal users and devices are trusted by default. However, this approach leaves systems open to insider threats and unauthorized access. A ZTA eliminates this assumption by requiring verification for every user, device, and application before granting access. By adopting this approach, organizations reduce the risk of lateral movement by attackers and ensure that only authorized users can access critical data and systems, providing a stronger layer of protection against potential breaches.

Staying Ahead: The Importance of Proactive Cyber Security

Every data breach serves as a wake-up call for organizations, highlighting vulnerabilities that can have severe consequences. Waiting for an attack to occur before reassessing security measures is no longer an option. It is essential for organizations to be proactive, regularly reviewing and updating their cyber security strategies. By staying ahead of potential threats, businesses can minimize the risk of data breaches and the damage they cause. Ultimately, taking a proactive approach is the key to safeguarding valuable data and ensuring cyber resilience.
