KUALA LUMPUR – The Social Security Organisation (Socso) has confirmed that its website and database was hacked last Saturday.
In a statement today, Socso’s communication and corporate affairs division said the incident last week was not the first time it had been targeted with such attacks.
“This cyberattack against Socso was not the first instance and was instead part of a series of breaches, the last of which occurred in September and was successfully contained,” Socso said.
“Such irresponsible actions by hackers are attacks on the nation’s interest, therefore all forensic results will be shared with authorities to avoid repeat incidents against other agencies.”
Addressing the breach that occurred last weekend, Socso said that its crisis management plan was activated on the same day it discovered that its system, database, and website had fallen prey to hackers.
The information and communication technology (ICT) unit was mobilised to recover the compromised system.
“The initial stage of the cyberattack’s modus operandi was identified as having the intent to disable all Socso infrastructure used for daily operations.
“However, the ICT unit eventually successfully regained control of the system, causing the hacker to change tactics by attempting to launch a character assassination attack against Socso’s image,” the agency added.
It also assured that services for contributors, employers and the public will not be affected by the breach, noting that all interest, compensation, and pension payments will be carried out normally.
Earlier today, news of the Socso hacking made headlines after a BreachForums user claimed on December 5 that personal data had been breached.
It was reported that a snapshot of the “leaked” data included names, addresses, payment methods, and mobile numbers.
Besides claiming that more personal information will be made available in the next 72 hours from December 5, the user also shared a YouTube link to a video which is supposedly a meeting with Socso. – December 8, 2023