BNM Instructs iPay88 to Further Strengthen Cyber Security Controls

KUALA LUMPUR, Oct 7 – Bank Negara Malaysia has instructed iPay88 (M) Sdn Bhd, a
provider of payment gateway services to banks and merchants, to further tighten its cyber security controls following the completion of an independent forensic investigation into the company.

The forensic investigation followed the announcement in August this year by iPay 88 of a potential data breach incident. During the investigation, the central bank had said that the breach originated from and was confined to iPay88’s payment card systems and does not involve vulnerabilities in the banks’ systems.

In a press statement today, Bank Negara said iPay88 has since taken the necessary containment and rectification measures to address gaps that were identified and apart from that iPay88 has been also instructed to undertake additional measures to further strengthen its cyber security controls and IT

“These measures are aimed at ensuring that similar incidents do not recur in the future and to safeguard against future threats. BNM will continue to closely monitor iPay88’s implementation of these measures and where appropriate, will undertake further supervisory or enforcement action.”

The central bank said it has also directed banks and card issuers to maintain heightened vigilance
over activities of cards that may be at risk.

“Customers will be contacted if any suspicious activity is detected through the monitoring activities of their banks or card issuers.”

It also reassured members of the public that Malaysia’s banking and payment systems remain safe and secure. Under existing payment card rules, customers will not be liable for any fraudulent or unauthorised transactions, as long as customers have taken reasonable precautions to safeguard their payment cards.