The National Cyber Security Agency (NACSA) revealed that it has launched an investigation into a recent post made on a hacker forum that allegedly offers live access to Malaysian government systems and data for sale. In a statement to The Star, the agency confirmed that it is aware of the situation and has escalated the threat actor’s claims to relevant authorities for verification.
A NACSA spokesperson noted that the authenticity of the claims has not been confirmed and that some of the information shared appears to be inaccurate. The agency also pointed out that certain threat actors have previously recycled old data and passed it off as new, raising questions about the credibility of the current post.
“We are still investigating,” the spokesperson told The Star. “All claims by the actor have been escalated to relevant agencies to verify the authenticity.”
The claims in question stem from a post made over the weekend, which alleges that over a dozen Malaysian government websites have been breached. According to earlier reporting, the compromised entities include at least 11 ministries and agencies such as the National Registration Department (JPN), MyGovernment portal, Radio Televisyen Malaysia (RTM), as well as the ministries of health, defence, foreign affairs and higher education.

The listing also claimed to include access credentials and stolen data such as VPN connection details, shell access, network and web databases, subdomains, and local file-sharing information. Access to these systems was purportedly being offered for sale at US$20,000 (~RM85,500), with Monero cryptocurrency accepted as payment.
Meanwhile, CyberSecurity Malaysia (CSAM) also confirmed awareness of the incident and said it is preparing a general advisory on preventing and mitigating data breaches.
(Source: The Star)