Local online payment gateway iPay88 today has issued a statement publicly disclosing a cybersecurity incident that occured on 31 May 2022, which resulted in a system breach. The company believes that user personal data in the form of card information may have been compromised by attackers.
iPay88 says it immediately initiated an investigation on the date of the incident, and had brought in cybersecurity experts to contain the issue. It added that the containment process was successful and no further suspicious activity has been detected since 20 July 2022.
Even though the company admitted that user card data has likely been compromised, it did not disclose the number of users affected by the attack. This is undeniably worrying, as a large number of local online stores, e-wallets, credit cards, Buy Now Pay Later (BNPL) services, and banks rely on its online payment gateway.
iPay88 assured that new measures and controls have been implemented to strengthen its system’s security against any further attacks. In addition, it has also informed all involved financial institutions regarding the matter. The company adds that the investigation is still currently ongoing and it is working closely with authorities and relevant parties.
iPay88 did not detail why it had decided to only announce this incident two months after it had occurred, but promised to provide further updates and detailed findings related to this incident in due course. On a somewhat related note, this particular incident harkens back to another breach that the company experienced back in 2020, where its email API was misused to send out phishing emails to unsuspecting customers.
For your reference, the local online payment gateway is integrated in online banking services provided by most local banks including CIMB, HongLeong, Maybank, OCBC, RHB, AffinBank and more. It can also be found in other services including e-wallets (GrabPay, Boost, Touch ‘n Go eWallet, WeChatPay, ShopeePay and Setel), credit cards (VISA, Mastercard, American Express and UnionPay), as well as non-local online payment services such as PayPal and G Pay.
Needless to say, those who use or have used iPay88’s payment gateway are advised to stay vigilant. Be sure to keep track of your finances to ensure they are not misused by an unknown party, and immediately lodge a report if the worst case scenario should happen.
(Source: iPay88 [official website])