KUALA LUMPUR (Nov 14): The Election Commission (EC) has refuted claims that its system suffered a data breach involving the personal details of 800,000 voters.

In a Facebook post on their official page, the EC said that the news currently circulating is an old allegation that has resurfaced. The EC added that it has been working closely with the National Cyber Security Agency of Malaysia (NACSA) to investigate the matter.

“The EC has taken appropriate action to ensure that there are no intrusions of the system. The EC always ensures the security of voter data through continuous monitoring using an effective security infrastructure,” the post read.

It was reported several days ago that another data breach has allegedly occurred involving the EC’s database and the personal details of 800,000 voters, which was up for sale on an online marketplace for US$2,000, and the seller requested to be paid in either Bitcoin or Monero cryptocurrencies.

Lowyat.net reported that the seller also claimed that they are in possession of the full electoral roll with details of 22 million voters, although the listing focused solely on the MySPR online system’s eKYC (electronic know your customer) data.

It was spotted by Twitter user @acaiijawe, who found alleged personal details such as full names, identification numbers, email addresses, birth dates and home addresses had been revealed. Voter’s photos, voting centre and all EC information were also compromised by the seller. Moreover, it contained more than 1.6 million eKYC images with a total file size of 67GB.

It was understood that CyberSecurity Malaysia was aware of the breach and investigated the matter, identifying whether or not any such breach had occurred.

Get our comprehensive GE15 coverage here.