A recent Maxis Berhad cyberattack has been attributed to the R00TK1T ISC Cyber Team, stirring concerns about data security and network integrity for the Malaysian communications firm.
The cyberattack on Maxis Berhad, which unfolded on February 5, 2024, was posted by the threat actor in a series of dark web posts, which was also shared on a Telegram channel operated by the threat actor.
The R00TK1T ISC Cyber Team disclosed intricate details regarding the cyberattack on Maxis Berhad. The breach revealed compromised Single Sign-On (SSO) user access to the FortiGate Firewall, providing unauthorized entry to sensitive employee data.
Among the compromised information were MAC addresses, connection details on the Maxis WiFi network, and administrative access to the Maxis Interactive Retail Assistant (MIRA) dashboard.
Decoding the Maxis Berhad Cyberattack Claims
This Maxis Berhad cyberattack exposed employee identifiers, including employee IDs, names, Mobile Station International Subscriber Directory Numbers (MSISDN), business emails, and work locations within Maxis retail stores.
The group also claimed to have penetrated third-party networks, such as the Malaysia-based Kulim Agrotech Centre, signaling a broader threat.
In subsequent posts on their Telegram channel, the R00TK1T ISC Cyber Team threatened to divulge further infiltration details at regular intervals if Maxis downplayed the severity of the attack.
The cyberattack targeted Maxis Berhad and had repercussions extending to the Kulim Agrotech Centre in Malaysia, highlighting the regional impact of cyber threats in Asia & Pacific (APAC).
Maxis Communications, also known as Maxis Berhad, is one of the most prominent communications service providers within Malaysia. Renowned as one of the nation’s oldest and most expensive telecommunications firms, it has long been a partner of Malaysia’s telecommunications.
Response to the Maxis Berhad Cyberattack
Maxis Berhad is yet to issue an official statement or response regarding the cyberattack. The lack of acknowledgment from the company has left the claims surrounding the breach unverified.
The Cyber Express has initiated inquiries into the Maxis Berhad cyberattack, aiming to gather insights into the incident’s scope and implications. However, as of the time of reporting, no official communication has been received from Maxis Berhad.
This is an ongoing story and we will update this post once we have more information on the Maxis Berhad cyberattack or any official confirmation from the organization.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
