Online payment provider iPay88 says an investigation was initiated on May 31 with cybersecurity experts roped in to mitigate the issue.

PETALING JAYA: Online payment provider iPay88 has confirmed experiencing a cybersecurity breach which may have compromised the card data of users.

In a statement, iPay88 said an investigation was initiated on May 31 with cybersecurity experts roped in to mitigate the issue.

The e-commerce firm said investigations were ongoing and that it was working closely with the authorities and other relevant parties over the security breach.

It did not specify when the security breach occurred.

“The containment process was successfully completed and no further suspicious activity has been detected since July 20.

“To ensure the continued safety of the card data, we have implemented various new measures and controls to strengthen the system’s security against any further incidents,” it said.

The company said its financial institution partners have been kept updated over the incident, while more findings would be shared in due time.

In response, Lembah Pantai MP Fahmi Fadzil questioned why iPay88 had only released information on the data breach more than two months after the incident.

The PKR MP also pointed out that the firm failed to mention the number of data involved in the breach and told iPay88 to “respect your users” since its business model relied on consumers.

“This is why we must amend the Personal Data Protection Act 2010 urgently. Users who have been affected must be informed as to what has happened to their data.

“Commercial firms who fail to secure users’ data must be punished, whether by compensating affected users or taking the management to court, or both.”

Source: Free Malaysia Today