Consent Preferences

iPay88 FAQ

Regarding the Recent iPay88 Cybersecurity Incident

  1. What happened?
    There was an external intrusion into our system, where an external party was able to access some of the card data that was stored in our system.

  2. What was affected?
    Some of our online card transactions were impacted by this incident. Any card transactions through an Android terminal, as well as transactions through e-wallet and QR payment, online banking, BNPL, vending machines, Point of Sale (POS) and batch card payment, were not affected.
    Please be assured that payments are processed through iPay88 safely.

  3. Why wasn’t I informed about this sooner?
    We were engaging cybersecurity experts to investigate the intrusion. The extent of compromise caused by the intrusion, and have taken immediate steps to contain our system. iPay88 needed clarity as to what had happened before it could inform the public.

  4. Who is responsible for this?
    We believe that the intrusion was done by as yet unknown external party or parties, who have orchestrated a sophisticated series of attacks onto iPay88’s systems. However, we are unable to identify the exact perpetrator to-date as we have been informed by our cybersecurity experts that the perpetrators have taken steps to mask and hide traces of their intrusion. We are working closely with the authorities and experts to identify who is responsible for the intrusion.

  5. What can I do if I realize that my credit card details were compromised?
    If you are suspicious that your credit card is compromised in any manner, we recommend that you contact your card issuing bank and follow their instructions.

  6. Can I still use iPay88 to handle payments of my customers?
    Yes. All transactions on the system are safe and protected by our robust security protocols and protections to date. Our external cybersecurity experts have confirmed that the malicious material has been successfully removed from our systems and that Ipay88 systems have been secured.

  7. What has been done to prevent this from happening again?
    We have implemented comprehensive measures to ensure the safety of our system.
    Some of these measures include:
    • New servers have been rebuilt from the ground up with the latest hardening guidelines
    • Updated the Data Leak Prevention Tool
    • Updated the Next Generation Antivirus with Managed Endpoint Detect and Response.
    • Enabled audit logs for SYSMON, PowerShell and Command Line activities in all servers and these new parameters are pushed to SIEM for monitoring.
    • File Integrity Monitoring Solution (FIM) has been deployed for application monitoring.
    • All administrators and local admin credentials have been reset and rotated again.
    • Encryption keys rotated again.
Scroll to Top
Scroll to Top