Dark Web News Analysis
A threat actor on a known cybercrime forum is advertising the alleged sale of a database belonging to DeMi Group (demigroup.com.my), a diversified Malaysian conglomerate specializing in ICT, smart surveillance, and office technology.
Brinztech Analysis:
- The Target: DeMi Group (DeMi Management Services Sdn Bhd) is a significant player in Malaysia’s digital infrastructure. They provide end-to-end ICT solutions, smart home security (CCTV/Surveillance), and document imaging services. Crucially, their public profile indicates they serve “government-linked entities,” corporate clients, and SMEs.
- The Data: The leaked dataset reportedly includes Employee PII (Names, Contact Details, National Identity Numbers, Job Titles) and Check-in/Login Data.
- The Threat: The exposure of “Login Data” and “Check-in” logs is the most alarming aspect. If this refers to their internal “AttendPRO” or “BackupPRO” systems, it could provide attackers with valid credentials to pivot into DeMi’s client networks.
Context: This breach occurs just as Malaysia has fully operationalized the PDPA Amendment Act 2024/2025, which mandates strict data breach notification protocols to the Personal Data Protection Commissioner (PDPC).
Key Cybersecurity Insights
This alleged data breach presents a specific threat to DeMi Group and its supply chain:
- Supply Chain & Government Risk: DeMi Group services government-linked entities and manages surveillance infrastructure. A breach of their employee credentials could serve as a stepping stone for supply chain attacks against sensitive public sector networks.
- Compromised Credentials: The leak of “check-in and login data” suggests that employee accounts may be at risk of unauthorized access. Attackers can use these credentials to access internal administrative panels or client management systems.
- Regulatory Impact (PDPA): Under Malaysia’s newly tightened data privacy laws, DeMi Group faces mandatory reporting requirements. Failure to notify the PDPC and affected individuals could result in significant fines and legal action.
- Sensitive Employee Data Exposure: A wide range of personally identifiable information (PII) of employees has been compromised, increasing the risk of identity theft and targeted spear-phishing attacks against the company’s own staff.
Mitigation Strategies
In response to this claim, DeMi Group and its clients must take immediate action:
- Password Resets & MFA Enforcement: Mandate immediate password resets for all employees. Enforce Multi-Factor Authentication (MFA) across all internal systems, especially for the AttendPRO and EDMS platforms.
- Compromised Account Monitoring: Implement monitoring mechanisms to detect and respond to any suspicious activity using the leaked credentials. Look for logins from unusual IPs or at odd hours.
- Client Notification: Given the B2B nature of DeMi’s business, clients (especially government entities) should be notified to monitor their own systems for suspicious activity originating from DeMi’s support accounts.
- PDPC Notification: Ensure compliance with Malaysia’s PDPA by notifying the Personal Data Protection Department if the breach exceeds the “significant harm” threshold.
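The "Compromised Account Monitoring" step above can be sketched as follows. This is an added example, not Brinztech's or DeMi Group's code: it flags successful logins by leaked accounts that come from a network not seen in that user's baseline or that fall outside working hours. The log format, usernames, addresses, dates and working-hours window are all constructed assumptions.

```python
import csv, io
from datetime import datetime
from ipaddress import ip_network

# Constructed sample data: usernames, addresses and timestamps are invented.
LEAKED_ACCOUNTS = {"aminah", "kumar"}      # accounts named in the leaked dataset
BASELINE_END = datetime(2025, 1, 10)       # earlier events build the per-user baseline
WORK_HOURS = range(8, 19)                  # 08:00-18:59, log assumed to be local time
AUTH_LOG = """\
2025-01-06T09:02:11,aminah,203.0.113.14,success
2025-01-07T08:55:40,aminah,203.0.113.77,success
2025-01-08T10:15:03,kumar,203.0.113.20,success
2025-01-08T11:00:00,lee,198.51.100.5,success
2025-01-12T09:30:00,aminah,203.0.113.90,success
2025-01-12T02:47:19,kumar,203.0.113.20,success
2025-01-13T14:05:52,aminah,192.0.2.201,success
2025-01-13T03:12:00,kumar,192.0.2.44,failure
2025-01-13T03:12:30,kumar,192.0.2.44,success
2025-01-14T23:40:00,lee,192.0.2.9,success
"""

def net24(ip):
    """Collapse an IPv4 address to its /24 so DHCP churn does not alert."""
    return ip_network(f"{ip}/24", strict=False)

def flag_logins(log_text, leaked=LEAKED_ACCOUNTS, baseline_end=BASELINE_END):
    """Return (timestamp, user, ip, reasons) for suspicious successful logins."""
    events = [(datetime.fromisoformat(ts), user, ip, result)
              for ts, user, ip, result in csv.reader(io.StringIO(log_text))]
    known, alerts = {}, []                 # known: user -> baseline /24 networks
    for ts, user, ip, result in sorted(events, key=lambda e: e[0]):
        if result != "success":
            continue                       # failed attempts are out of scope here
        if ts < baseline_end:
            known.setdefault(user, set()).add(net24(ip))
            continue
        if user not in leaked:
            continue                       # only leaked accounts are checked
        reasons = []
        if net24(ip) not in known.get(user, set()):
            reasons.append("new-network")
        if ts.hour not in WORK_HOURS:
            reasons.append("off-hours")
        if reasons:
            alerts.append((ts.isoformat(), user, ip, reasons))
    return alerts
```

The baseline must end before the earliest date the credentials could have been exposed, otherwise attacker logins are learned as normal.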
Questions or Feedback? For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com