KUALA LUMPUR: In light of the potential data breach incident announced by iPay88 (M) Sdn. Bhd, Bank Negara Malaysia (BNM) has instructed banks to immediately notify affected cardholders of additional protective measures that will be taken to further protect them against risks of fraudulent or unauthorised transactions.

It said the banks have also heightened their fraud risk management and monitoring of suspicious or fraudulent activities for affected cards.

"BNM takes a serious view of any incident that can affect confidence in the payment system, and will not hesitate to take necessary supervisory or enforcement actions to ensure strong security controls are in place and maintained by financial institutions and customers are treated fairly.

"Customers are advised to immediately notify their banks if they observe any irregular or unauthorised transactions on their cards," it said in a statement today.

BNM said forensic investigations are still ongoing following the announcement by the company providing payment gateway services to banks and merchants.

It added that the breach originated from and is confined to iPay88's payment card systems and does not involve vulnerabilities in the banks' systems.

"Financial institutions in Malaysia also observe strong authentication methods for online card transactions, including prompting cardholders for additional confirmation of certain transactions considered to be more risky.

"This reduces the risk of fraudulent transactions occurring. For non-authenticated transactions, particularly purchases from overseas merchants, customers will not be liable for any fraudulent or unauthorised transactions that may arise from this incident," it said.

For further enquiries or complaints, members of the public can contact BNMTELELINK at 1-300-88-5465 or to submit via https://telelink.bnm.gov.my/