MALAYSIA’s biggest data breach had happened, and, we did not even know it. It happened as early as 2012 and yet, neither the authorities nor users came forward. Some 50 million customers’ data allegedly provided to telecommunications companies are being traded for bitcoins. The leak first surfaced when an unidentified person tried to auction millions of Malaysians’ personal data, ranging from phone and MyKad numbers, to addresses and other personal details in the Lowyat website. It appears that the data were illegally obtained from the telcos’ database. To date, none of the alleged telcos would say anything except that they are working closely with MCMC and the police.