Kuala Lumpur, 7 October 2022 – iPay88 would like to provide the Malaysian public with a follow-up on our previous statement with regard to the recent cybersecurity incident that affected our company.
iPay88 and its team engaged an independent team of cybersecurity experts to carry out a full forensic audit of iPay88 systems and its payment environment with a view to determining what happened, how it happened and to ensure that it does not happen again.
iPay88 has been advised that the cybersecurity incident was the product of a sophisticated intrusion by an unidentified party or parties.
The intrusion specifically targeted card data from online transactions. There was no impact on transactions made through the Android terminals, e-wallet QR payments, online banking, BNPL, vending machines, Point of Sale (POS) and batch card payment.
While iPay88 was the subject of a sophisticated attack, iPay88 acknowledges that it bears the burden and responsibility to protect card information. We respectfully apologize to the Malaysian public, our business partners, and merchants for this incident.
iPay88 would like to assure the public that it takes the protection of consumer data seriously and that it has taken the necessary steps to ensure the situation was contained and all transactions through iPay88 have been fully secured.
The containment and remedial action were successfully completed by July 20th, 2022 and no further indicator of any intrusions has been detected post that date.
We would also want to reassure the Malaysian public that, substantively, Malaysian cards are protected against unlawful and fraudulent use by the 3D Secure system which requires online transactions to be verified by the use of a one-time pin sent directly to cardholders.
Separately, iPay88 is working closely together with other industry players to minimize the risks that could have arisen due to the incident.
The iPay88 team, together with its cybersecurity experts took immediate action to assess, contain and remedy the situation. iPay88 has worked closely with the investigators in containing and mitigating the incident by deploying containment measures.
iPay88 has also implemented many industry-leading cybersecurity standards to further safeguard the system. We remain committed to investing more resources to enhance our cybersecurity to ensure the protection of your data.
For more information, click here to visit our FAQ.