Categories: MoneyNews

iPay88 resolves data breach, but stays under BNM watchful eye

At this juncture, the company seems to be off the hook for what it describes as a ‘sophisticated intrusion’ 

by HABHAJAN SINGH / pic source: iPay88 FB

THE central bank is ramping up efforts to ensure players in the financial space gear up on security. The latest on that front is its public rebuke of online payment provider iPay88 (M) Sdn Bhd. 

On Friday, Bank Negara Malaysia (BNM) announced that it had instructed the online payment provider to undertake additional measures to strengthen its cyber security controls and IT infrastructure for a data breach incident four months ago. 

This comes on the heel of a slew of measures introduced by the central bank to curb scammers and cybercrime perpetrators. 

At this juncture, iPay88 seems to be off the hook for what the company described as a “sophisticated intrusion”. The company was earlier taken to task for only making public the May incident in mid-August, some three months later. 

Following the completion of the independent forensic investigation, iPay88 has taken the necessary containment and rectification measures to address the gaps that were identified, BNM said in the statement.

“In addition, BNM has also instructed iPay88 to undertake additional measures to further strengthen its cyber security controls and IT infrastructure. These measures are aimed at ensuring that similar incidents do not recur in the future and to safeguard against future threats. 

“BNM will continue to closely monitor iPay88’s implementation of these measures and where appropriate, will undertake further supervisory or enforcement action,” it added. 

The central bank said it has also directed banks and card issuers to maintain heightened vigilance over activities of cards that may be at risk, adding that customers will be contacted if any suspicious activities are detected through the monitoring activities of their banks or card issuers. 

In its statement in August, BNM said the breach originated from and was confined to iPay88’s payment system and did not involve vulnerabilities in the banks’ systems. 

In a separate statement, released on the same day with the central bank announcement, iPay88 said its team had engaged an independent team of cyber security experts to carry out a full forensic audit of iPay88 systems and its payment environment with a view to determining what happened, how it happened and to ensure that it does not happen again. 

iPay88 said it has been advised that the cyber security incident was the product of a sophisticated intrusion by an unidentified party or parties. 

It said the intrusion specifically targeted card data from online transactions. There was no impact on transactions made through the Android terminals; e-wallet QR payments; online banking; buy now, pay later; vending machines; point of sale; and batch card payment. 

“While iPay88 was the subject of a sophisticated attack, iPay88 acknowledges that it bears the burden and responsibility to protect card information. We respectfully apologise to the Malaysian public, our business partners and merchants for this incident. 

“iPay88 would like to assure the public that it takes the protection of consumer data seriously and that it has taken the necessary steps to ensure the situation was contained and all transactions through iPay88 have been fully secured,” it said. 

The containment and remedial action were successfully completed by July 20, 2022, and no further indicator of any intrusions has been detected post that date, it added. 


  • This article first appeared in The Malaysian Reserve weekly print edition
Dzul

Recent Posts

NMRA INVESTOR NOTICE: Neumora Therapeutics, Inc. Investors with Substantial Losses Have Opportunity to Lead Class Action Lawsuit

SAN DIEGO, Feb. 15, 2025 /PRNewswire/ -- The law firm of Robbins Geller Rudman &…

1 hour ago

DEAN TUCCI FILES OPPOSITION MOTION AGAINST CFPB

PALATINE, Ill., Feb. 15, 2025 /PRNewswire/ -- In November of 2020, the CFPB filed a lawsuit…

4 hours ago

Alley Cat Allies Continues Worldwide Protest to Stop U.S. National Park Service from Killing Puerto Rico Cats

SAN JUAN, Puerto Rico, Feb. 15, 2025 /PRNewswire/ -- Alley Cat Allies, the leader of…

4 hours ago

Sultan Food Products brand Fried Falafel with Tahini Sauce recalled due to undeclared peanut

OTTAWA, ON, Feb. 15, 2025 /CNW/ - Product: Fried Falafel with Tahini Sauce Issue: Food…

4 hours ago

Minister Fisher recognizes three British Columbians for volunteer service helping Veterans

SURREY, BC, Feb. 15, 2025 /CNW/ - The Government of Canada is committed to recognizing those…

5 hours ago

$HAREHOLDER ALERT: The M&A Class Action Firm Continues To Investigate The Merger – EVGR, QTRX, RKDA, EBTC

NEW YORK, Feb. 15, 2025 /PRNewswire/ -- Monteverde & Associates PC (the "M&A Class Action…

6 hours ago