Cyber Incident Victim: Bursa Malaysia
Date:
Apr 2025
Location:
Malaysia
Summary
Bursa Malaysia reportedthat several brokers observed failed client logins and unauthorized trading activity on a limited number of online trading accounts. In response, brokers were instructed to have clients reset passwords and to deploy stronger authentication controls such as multi‑factor authentication and stricter password policies. The securities regulator and the exchange are working together to identify the cause while monitoring for further incidents, and they have affirmed that the market’s integrity remains intact and trading proceeded normally.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Thursday afternoon, 24 April2025, Bursa Malaysia and the Securities Commission Malaysia received reports from several brokers who had observed failed client logins and instances of unauthorised access coupled with trading activity carried out through a limited number of clients’ online trading accounts. The brokers identified these anomalies while monitoring their systems and promptly notified the regulators. The reports indicated that the irregularities were confined to a subset of accounts and did not appear to affect the broader trading infrastructure. Upon receiving the information, the Securities Commission Malaysia and Bursa Malaysia initiated an immediate joint assessment to understand the nature and scope of the incident. Both organisations confirmed that the market’s core systems remained operational and that no widespread disruption had been detected. The regulators emphasized that the integrity of Malaysia’s capital market continued to be intact despite the reported anomalies.
In response, Bursa Malaysia instructed all participating brokers to advise their clients to reset passwords and login credentials as a precautionary measure to enhance account security. Brokers were also directed to implement additional security controls, including the adoption of multi‑factor authentication and the enforcement of stricter password policies for online trading platforms. The Securities Commission Malaysia and Bursa Malaysia stated that they remain on high alert and are working closely with the brokerage community to ascertain the root cause of the observed login failures and unauthorised trades. Further measures will be considered and applied as the investigation progresses, with the aim of preventing any recurrence of similar incidents. Both organisations reassured investors that the market would open as scheduled on 25 April 2025 and that trading would proceed under normal conditions. The joint statement concluded by affirming the commitment of the regulators and the exchange to maintain a fair, orderly, and secure capital market environment.