The database leak was first highlighted by Twitter user Adnan Mohd Shukor, who Lowyat.NET reported is an intrusion analyst.
The data is currently listed for sale on a “database sharing and marketplace forum”. The website is only accessible after using a virtual private network (VPN).
“Malaysia citizen data fresh from Jabatan Pendaftaran Negara (JPN), leaked from hasil.gov.my through myIDENTITY API,” read the forum post, which was published on 24 September.
“Total data is almost 4 million equal to 31.8GB, group by birth year from 1998 to 1979.”