Home > News >

Cybersecurity incident affecting your data

Cybersecurity incident affecting your data

Information for CustomersInformation for Vendors

 

Information for Customers

Dear Valued Customer,

We want to inform you of a recent cybersecurity incident at MFE Formwork Technology Sdn. Bhd. (“MFE”) that resulted in unauthorized access to certain internal data, which may involve data relating to your company and the personal data of your individual representatives.

On 12 November 2025, MFE detected a ransomware attack, which was contained within 72 hours. As a result of the incident, the attackers gained partial access to internal information and on 21 January 2026, it was assessed that the unlawfully extracted data from MFE, was made available on an external darknet.

MFE has since notified the Personal Data Protection Commissioner of Malaysia of the incident. We are working in close collaboration with external specialists to ensure the highest possible level of security in handling the leaked data.

While the investigations and mitigation efforts are still ongoing, we would like to inform you of the following proactively and transparently.

Based on the nature of the files typically exchanged between our organizations, the leaked information may include:

  • contact information;
  • purchase history;
  • contracts and pricing details; and
  • invoices or related commercial documentation.

There is currently no evidence that any payment information or banking details was accessed.

To protect yourself, we recommend exercising enhanced caution with any unexpected emails or messages referencing MFE Formwork, especially those requesting sensitive information or urging immediate action.

We sincerely apologize for any inconvenience this may cause and are taking all necessary measures to secure our systems, with this your data and to prevent any recurrence.

We will continue to provide updates as relevant information becomes available.

If you require assistance or further clarification, please contact your MFE representative directly. Alternatively, you may contact:

Thank you for your understanding and continued trust.

 

Information for Vendors

Dear Valued Vendor,

We want to inform you of a recent cybersecurity incident at MFE Formwork Technology Sdn. Bhd. (“MFE”) that resulted in unauthorized access to certain internal data, which may involve data relating to your company and the personal data of your individual representatives.

On 12 November 2025, MFE detected a ransomware attack, which was contained within 72 hours. As a result of the incident, the attackers gained partial access to internal information and on 21 January 2026, it was assessed that the unlawfully extracted data from MFE, was made available on an external darknet.

MFE has since notified the Personal Data Protection Commissioner of Malaysia of the incident. We are working in close collaboration with external specialists to ensure the highest possible level of security in handling the leaked data.

Based on the nature of the files typically exchanged between our organizations, the leaked information may include:

  • contract documents;
  • pricing information; and
  • email correspondence and business contact details.

We can confirm that no banking details or payment-related information were stored in the affected systems.

To protect yourself, we strongly recommend being vigilant for any unusual communication that appears to reference past correspondence with our company, particularly attempts to solicit information, request changes to payment terms, or deliver unexpected attachments.

We apologize for any inconvenience this may cause and are taking all necessary measures to secure our systems, with it your data and to prevent any recurrence.

As soon as we learn more that affects you directly, we will notify you immediately.

If you have any questions or need clarification, please contact us at your convenience. You may contact:

 

Share at:

Related Posts