KUALA LUMPUR, Aug 12 – Forensic investigations are still ongoing on a potential data breach announced by iPay88 (M) Sdn Bhd, a company providing payment gateway services to banks and merchants, Bank Negara Malaysia (BNM) said.
In a statement issued today, the central bank said the breach originated from and is confined to iPay88’s payment card systems and does not involve vulnerabilities in the banks’ systems.
“Financial institutions in Malaysia also observe strong authentication methods for online card transactions, including prompting cardholders for additional confirmation of certain transactions considered to be more risky. This reduces the risk of fraudulent transactions occurring.
“For non-authenticated transactions, particularly purchases from overseas merchants, customers will not be liable for any fraudulent or unauthorised transactions that may arise from this incident,” BNM said.
The central bank said it has also instructed banks to immediately notify affected cardholders of additional protective measures that will be taken to further protect them against risks of fraudulent or unauthorised transactions.
“Banks have also heightened their fraud risk management and monitoring of suspicious or
fraudulent activities for affected cards.”
BNM said it viewed seriously any incident that can affect confidence in the payment system, and will not hesitate to take necessary supervisory or enforcement actions to ensure strong security controls are in place and maintained by financial institutions, and customers are treated fairly.
It also advised customers to immediately notify their banks if they observe any irregular or
unauthorised transactions on their cards.
For further enquiries or complaints, members of the public can also contact BNMTELELINK at 1-300-88-5465 or to submit via https://telelink.bnm.gov.my/