Professional Documents
Culture Documents
Data Breach
Data Breach
Data Breach
Extortion Ransomware
(Lockbit 3.0 @ Lockbit Black)
https
://www.nst.com.my/news/nation/2022/09/832056/action-being-taken-over-allege
d-hacking-govt-database-says-annuar-musa
ePenyata @ ePayslip by Malaysian Govt Sector.
- The data include most of Politicians and other Civil Servants
Employee Payslip.
- The hackers also claimed to have been in contact with the
government through an email sent to several officials.
- Following that, the group of hacker codename “grey hat”
planned to sell the data to Dark Web extracted from the
ePaySlip database on several open database markets starting
Ministry of Sept 19.
- The “grey hat” also claimed to have been in contact with the
Accountancy – government through an email sent to several officials,
188.75gb Data including the Chief Secretary to the Government Tan Sri Mohd
Theft and System Zuki Ali, government security director-general Rahimi Ismail
as well as the National Audit Department.
Loopholes
Vulnerabilities.
Event 1
1 A Loophole of the Ministry of Accountancy system Vulnerabilities founded by
“grey hat”.
Event 2
2 Extortion by time given into the Dark Web, Social Engineering towards
government security director
Event 3
3 The Hacker planned to sell the data extracted from the ePaySlip database on
several open database markets (Dark Web)
Timeline
Event 4
4 JSON, CSV and PDF file format being extracted with the help of the System
Vulnerabilities.
Event 5
5 By time given, the issue has no update from Media.
Event 6
6 Ministry of Accountancy Database system inoperable / Shutdown due to
Forensic Analysis.
Vulnerabilities
Security Compliance within the Organization which allow the Lockbit Black Breach and Social Engineering
occur which cause the data Extortion.