Bank Negara investigates iPay88 cyber security breach

by NURUL SUHAIDI / Pic Source: iPay88’s Twitter

A FORENSIC investigation of a potential data breach involving online payment provider iPay88 (M) Sdn Bhd is still underway.

Bank Negara Malaysia (BNM) said the breach originated from and is confined to iPay88’s payment system and did not involve vulnerabilities in the banks’ systems.

“Financial institutions in Malaysia strictly observe authentication methods for online card transactions, including prompting cardholders for additional confirmation when transactions considered to be risky are detected.

“This reduces the risk of fraudulent transactions occurring,” BNM said in a statement today.

For non-authenticated transactions, particularly purchases from overseas merchants, it said customers will not be liable for any fraudulent or unauthorised transactions that may arise from this incident.

Yesterday, iPay88 confirmed that it had experienced a cyber security breach in May that might have compromised the card data of users and had initiated an investigation with security experts.

Following this, BNM instructed banks to immediately notify affected cardholders of additional protective measures that will be enforced to further protect them against risks of fraudulent or unauthorised transactions.

Banks have also heightened their fraud risk management and monitoring of suspicious or fraudulent activities.

“BNM takes a serious view of any incident that can affect confidence in the payment system, and will not hesitate to take necessary actions to ensure strong security controls for users.

“We advise customers to immediately notify their banks if they observe any irregular or unauthorised transactions on their cards,” it added.

For further enquiries or complaints, members of the public can contact BNMTELELINK at 1-300-88-5465 or submit via