Gobind said his ministry viewed the incident seriously, adding that the ransomware attack was carried out by a group named RansomHub on the dark web on Aug 25.

Ransomware is a type of malicious software, or malware, designed to block access to a computer system or files, typically by encrypting the data, until a ransom is paid to the attacker.

The minister said the Personal Data Protection Commissioner was informed of the cybersecurity incident the following day, while Prasarana was ordered to issue a data breach notification by Aug 29.

“The Personal Data Protection Commissioner’s office will carry out investigations to determine the nature of the breach and the data involved in the incident.

“It will also determine if there was any breach of the provisions of the Personal Data Protection Act 2010, and determine what action ought to be taken,” he said in a statement.

Gobind said CyberSecurity Malaysia would offer technical assistance during the investigation.

On Aug 26, Prasarana confirmed reports of a cybersecurity incident involving unauthorised access to parts of its internal systems, but said it did not disrupt its daily operations

Prasarana said it was working with the National Cyber Security Agency and CyberSecurity Malaysia to provide a thorough response and safeguard its systems against any threats.

It was said that potentially 316GB of Prasarana’s data from its website had been compromised because of the ransomware attack, with RansomHub threatening to publish the company’s data within six to seven days.

Prasarana owns and operates a wide range of transport services under RapidKL, including the light, mass and bus rapid transit systems (LRT, MRT and BRT), KL monorail and a fleet of stage buses.