Prasarana, the operator of Malaysia’s rail services including the LRT networks, KL Monorail, and MRT lines, has confirmed a cybersecurity incident impacting its internal systems. On August 26, 2024, the company disclosed that unauthorized access to several of its systems had been detected. Despite this breach, Prasarana assured the public that its rail services remain fully operational and that there has been no disruption to daily services. The company’s cybersecurity team is actively working to address the issue and prevent further unauthorized access.
The National Cyber Security Agency (NACSA), through the National Cyber Coordination and Command Centre (NC4), has acknowledged the incident and is collaborating with Prasarana on the investigation. The agency confirmed that it is working to understand the scope of the breach and to implement measures to mitigate any potential impacts. The priority remains on securing the systems and ensuring the safety and reliability of public transportation services.
In response to the incident, Prasarana has emphasized that its primary focus is on resolving the cybersecurity issue promptly while continuing to meet the needs of the public. The company is working with cybersecurity experts to address the breach and will provide updates as more information becomes available. This proactive approach aims to ensure that operations remain uninterrupted and secure.
The breach was brought to light by FalconFeeds.io, a threat intelligence platform, which reported on August 25, 2024, that a ransomware group claimed to have acquired 316GB of data from Prasarana and planned to publish it. While this claim has been made, Prasarana and NACSA are prioritizing containment and recovery efforts to safeguard sensitive information and protect the integrity of their systems.
Reference:
