A leak was found mentioning data siphoned off using myIdentity interface, originating from JPN and was done through LHDN. Team SecurityLah dissects this incident into greater details, looking at how it could have happened, and nuggets of wisdom for blue team on detecting such attacks.