The Public Cellular Blocking Service (PCBS) system was an initiative by the MCMC to provide a service to deactivate mobile phones when they are reported stolen. It was launched in 2014.
Yesterday, a report by news portal Malaysiakini stated that it had analysed the data from the breach of data security, and traced the source to the PBCS.
It was reported in 2013, that the MCMC had appointed a company to manage the PCBS.
Its role was to ensure stolen handphones are rendered unusable within three hours after it is reported missing. The system is so effective that even changing the SIM cards would not enable the phones to be used again.
The news portal made its conclusion on the data breach after it found several file names of the leaked telco data containing either “PCBS”, “MCMC” or “SKMM” (the acronym for MCMC in Malay). File names from at least six telcos were said to contain the acronyms mentioned.
It was reported that both Multimedia and Communications Minister Salleh Said Keruak and MCMC chief operating officer Mazlan Ismail have declined to confirm or deny the link between the PCBS and the massive data breach, which is believed to have occurred in 2014.
Meanwhile, police are now tracking down the owner of an email account as part its investigation, NST reported.
Inspector-General of Police Mohamad Fuzi Harun told the daily that the owner of the account has yet to be found but did not wish to elaborate on how the email owner was connected to the investigation.
The data breach was first discovered by Malaysian technology news website Lowyat.net, after it was informed that someone was trying to sell huge databases of personal details for an undisclosed amount of Bitcoin on its forums.
Sources told FMT that the seller used an Internet Protocol address based overseas.
Lowyat.net founder Vijandren Ramadass had reportedly said it informed MCMC on Oct 18 of the breach and then uploaded an article on the theft after MCMC did not provide any feedback.
MCMC initially made the website take its story down.
However, MCMC confirmed the data breach a day later in a press statement released on Facebook, and then on Oct 23 confirmed that 46.2 million mobile subscribers were affected by the data breach.
Salleh told the Dewan Rakyat there was a “miscommunication” between Lowyat.net and MCMC on the issue at the initial stage which led to the removal of the article on the breach.
However, he added that the miscommunication was settled amicably.