AUTHORITIES have vowed stern action against any online platform found trading Malaysians' personal data, following the resurfacing of the controversial website ‘caghi.com’, known for peddling leaked information.
National Cyber Security Agency (NACSA) Chief Executive Ir Dr Megat Zuhairy Megat Tajudin confirmed that the website had been on the agency's radar since 2022, and that the data it contains is “compiled from previous breaches involving information dated before 2022”.
“Access to the site has already been blocked by the Malaysian Communications and Multimedia Commission (MCMC), but some parties are still trying to bypass restrictions using virtual private networks (VPNs) or foreign servers,” he said.
A forensic investigation is currently underway to determine whether any newer or sensitive data may have been compromised. “So far, we have not identified any current information, but if new leaks are found, immediate action will be taken, including formal notification, further access blocks, and tracing the source of the breach,” he added.
The renewed focus comes amid Malaysia’s bid to strengthen international cooperation in cybercrime enforcement. Megat Zuhairy confirmed that the country is actively working to join the Budapest Convention and the United Nations Convention on Cybercrime, enabling better cross-border data sharing and enforcement.
“These frameworks will allow us to trace and act against websites hosted abroad,” he said.
In tandem, the Malaysian government is finalising a new cybercrime bill to replace the outdated Computer Crimes Act 1997.
The legislation aims to modernise offence definitions, increase penalties, and establish specific protections for digital identity.
“This includes prohibiting the sharing of passwords or digital IDs, and imposing obligations on system owners to uphold security principles,” Megat Zuhairy stated. - September 20, 2025
.JPG.JPG)
