On 13 April 2024, the New Straits Times (NST) reported a rise in Malaysian data thefts which reported 646 cases in 2023 and 50 cases in 2022.

A report by CyberSecurity Malaysia (CSM), an organisation under the Digital Ministry, stated that 5,917 cyber security incidents included data thefts.

A total of 142 data breaches were reported to CSM in the first three months of 2024.

Based on this pattern, CSM anticipates that if action is not taken to stop the crime, data thefts will keep going up.

Our Advice

Organisations and online consumers must implement security protocols to stop data breaches, especially those involving Personally Identifiable Information (PII).

PIIs include personal data such as full names, MyKad numbers, age, home addresses, phone numbers, and even salaries.

Personal Data Protection:

1) Use Strong Passwords:

– Create complex passwords that include a mix of letters (upper and lower case), numbers, and symbols.

– Avoid using easily guessable information like birthdays or common words.

2) Enable Two-Factor Authentication (2FA):

– Add an extra layer of security by requiring a second form of verification, such as a text message or an authentication app.

3) Regular Software Updates:

– Keep your operating system, applications, and antivirus software up to date to protect against the latest threats.

4) Be Cautious with Public Wi-Fi:

– Avoid accessing sensitive information over public Wi-Fi networks. If necessary, use a virtual private network (VPN).

5) Use Encryption:

– Encrypt sensitive data on your devices and during transmission to protect it from unauthorized access.

6) Be Wary of Phishing Scams:

– Do not click on links or download attachments from unknown or suspicious emails. Verify the sender’s authenticity.

7) Secure Your Devices:

– Use locks, passwords, or biometric security (fingerprint or facial recognition) to protect your devices.

8) Backup Your Data:

– Regularly back up important data to an external hard drive or a secure cloud service to prevent loss in case of theft or malware.

Organizational Data Protection:

1) Develop a Data Protection Policy:

– Implement and enforce a comprehensive data protection policy that includes best practices for data handling and storage.

2) Employee Training:

Train employees on data security best practices and how to recognize and report potential security threats.

3) Access Controls:

– Limit access to sensitive data to only those who need it for their job. Use role-based access controls.

4) Monitor Network Activity:

Use intrusion detection and prevention systems to monitor network traffic for unusual activity.

5) Data Encryption:

– Encrypt sensitive data both at rest and in transit to protect it from unauthorized access.

6) Regular Audits:

Conduct regular security audits to identify vulnerabilities and ensure compliance with data protection policies.

7) Incident Response Plan:

– Develop and maintain an incident response plan to quickly address and mitigate data breaches or other security incidents.

8) Physical Security:

Ensure physical security measures, such as secure access to server rooms and shredding of sensitive documents.

General Tips:

1) Be Mindful of What You Share Online:

– Limit the amount of personal information you share on social media and other online platforms.

2) Use Security Software:

– Install and regularly update security software, including firewalls, antivirus, and anti-malware programs.

3) Review Privacy Settings:

– Regularly review and adjust the privacy settings on your online accounts and devices.

4) Stay Informed:

– Keep up to date with the latest security threats and best practices for data protection.


Spike in data thefts in Malaysia