The Malaysian Communications and Multimedia Commission (MCMC) has suspended the contract of the independent contractor Nuemera (M) Sdn Bhd.
The 2014 data breach exposed the personal details of 46.2 million mobile phone subscribers, leaking the unique serial numbers linked to individual mobile phones, phone numbers, home addresses and names.
The suspension was confirmed in a written reply yesterday from the Communications and Multimedia Ministry to Lembah Pantai MP Fahmi Fadzil.
Fahmi questioned how Nuemera failed to protect the personal data of 46.2 million mobile phone accounts which resulted in the breach. The written reply did not share much detail on how the leak occurred but the actions taken against the company came after an investigation by the MCMC, Personal Data Protection Department (JPDP) and the police.
Fahmi filed a civil lawsuit in February 2018, against the MCMC and Nuemera for failing to protect the personal information of the mobile phone subscribers.
The reply said: “Following the investigation, on Jan 26, 2018, MCMC had suspended Nuemera’s appointment as it was found that the company breached basic provisions in the contract between MCMC and Nuemera.
“On May 21, 2018, MCMC issued a notice to Nuemera informing of MCMC’s decision not to renew the PCBS agreement for another five years as provided as an option in the contract agreement.”
The data breach only came to light last year, however it is said to have taken place in 2014.
The ministry stated that the JPDP had investigated the breach under Section 9 and Section 130 of the Personal Data Protection Act 2010 (PDPA), as well as Section 4 of the Computer Crimes Act 1997 – which relates to the unauthorised access with intent to commit or facilitate the commission of a further offence.
“Investigation papers have been completed and submitted to the Attorney General’s Chambers (AGC) for further action,” said the Ministry
The post #Privacy: MCMC suspends contract of company responsible of data breach appeared first on PrivSec Report.