Sunday, August 3, 2025
  • Hype
  • Murai
  • Lipstiq
  • Miss Murai
  • Varnam
  • Moviedash
  • Autofreaks
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Compu-zoneUpdated
    • ViewnetUpdated
    • Sri ComputersUpdated
    • StartecUpdated
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Compu-zoneUpdated
    • ViewnetUpdated
    • Sri ComputersUpdated
    • StartecUpdated
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
No Result
View All Result
Lowyat.NET
No Result
View All Result
Home Security

PADU Vulnerability Reportedly Allowed Password To Be Changed With IC Number

The flaw has apparently been patched.

by Ikmal Rozlan
January 3, 2024
padu security flaw vulnerability

Image: @Iamkanahraf, via X

242
SHARES
Share on FacebookShare on Twitter

The Malaysian government officially launched the Central Database Hub (PADU) yesterday and within hours, a developer found a major flaw in the system’s API. The vulnerability reportedly allowed any bad actor to change a person’s login password using just their IC number if they wished to do so.

Following the reveal of this critical flaw, the ministry of economy replied to the developer’s tweet, stating that it took note of the finding and is making the needed improvements. According to an update by minister of economy Rafizi Ramli, this flaw has been fixed last night, with the developer in question also confirming that the API has indeed been changed.

Guess what.

I only need your IC number to override and change your PADU login password.@farhanhelmycode @rafiziramli @Dr_Uzir @lamkanahraf pic.twitter.com/m1K2mR3wP2

— useState('drmsr') (@drmsr_dev) January 2, 2024

While this vulnerability seems to be patched, former deputy minister of international trade and industry, Ong Kian Ming, has pointed out that anyone with your IC number and postcode can register for a PADU account on your behalf without your permission as the identity verification only comes after creating the account. This would lead to the actual owners of the IC numbers to be unable to register themselves.

While the relevant data is still owned by the respective agencies, Rafizi has said that PADU is owned and managed by the department of statistics. The department’s chief statistician Mohd Uzir Mahidin revealed that the database’s security is handled in-house with 49 certified data scientists and security barriers already in place.

ALSO READ:  Android 16 To Bring Google’s Identity Check To More Phones

(Source: @drmsr_dev/X)

Filed Under central database hubflawpadusecurityVulnerability
Updated 12:56 pm, Wed, 3 January 24
http://lowy.at/iUmvi
Share97Tweet61SendShare

Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news. 

No Result
View All Result

TRENDING THIS WEEK

  1. 1
    Action Cameras

    AKASO 360 Lands In Malaysia; Starts From RM899

  2. 2
    How-To's

    RM100 SARA: How To Redeem, And Everything Else You Need To Know

  3. 3
    Transportation

    Malaysia Aims For MLFF Toll System Implementation By 2027

  4. 4
    Random As It Gets

    Someone Patented This Controller Design

  5. 5
    News

    Intel To Consolidate Chip Assembly And Test Operations In Malaysia

NETWORK

  • Hype
  • Murai
  • Lipstiq
  • Miss Murai
  • Varnam
  • Moviedash
  • Autofreaks

ABOUT

  • Advertise
  • Careers
  • Privacy Statement
  • Contact Us
  • Editorial Policy
  • Terms & Conditions

©2025 VIJANDREN RAMADASS. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Compu-zone
    • Viewnet
    • Sri Computers
    • Startec
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables

©2025 VIJANDREN RAMADASS. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Compu-zone
    • Viewnet
    • Sri Computers
    • Startec
  • More
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables

©2025 VIJANDREN RAMADASS. ALL RIGHTS RESERVED.