Investigation going on over data breach of 2,20,000 Malaysian organ donors

Organ donation
Then deputy health minister Huang Jiefu (C) and his colleagues bow as they pay a silent tribute to a deceased patient who was willing to donate her organs, at a hospital in Guangzhou, Guangdong province November 22, 2012. REUTERS/Stringer

The personal details of more than 2,20,000 Malaysian organ donors have been leaked in a data breach which has been happening since September 2016. The news about the data breach was first reported by tech forum to the forum, the data breach includes confidential details of organ donors and their next-of-kin. According to latest updates, The Personal Data Protection Department is now investigating the incident.

Khalidah Mohd Darus, the Commissioner of The Personal Data Protection Department said that he considers the data breach very seriously under the Personal Data Protection Act of 2010.

According to, the data breach includes the donor's name, identification card number, nationality, race and contact address and phone numbers. The data which has been leaked now, also contains the confidential details of each organ donor's one nominated next of kin which makes the list of date leaked victims to 4,40,000.

If reports from are true, then sign up data from the government hospitals as well as the National Transplant Resource Centres have also been leaked after this breach.

The news about the organ donors' personal data loss came just months after the same website reported about the stealing and selling of personal data of 46.2 million Malaysians. In last November, Police revealed that they are tracking down an email address which may be associated with this data breach incident.

"While the total number of records of this leak is nowhere near the massive amounts of data leaked in the mobile telco data breach that we reported back in October 2017, this leak contains one very serious implication where it reveals personal information of a nominated next-of-kin," wrote in their website.

"We have already reached out and notified the PDP of this data leak before publishing our findings. We are also once again calling out to all organizations who handle personal data to ensure that they exercise due care and diligence in ensuring the safety of the data that has been entrusted to them," concluded the report.