CIMB Bank Malaysia has denied claims circulating online that a dataset containing about 1.2 million customer records had been leaked.

In a post on X, the bank said the claims were false and confirmed that there had been no data leak. CIMB added that its security teams had verified that all systems were secure.

The statement followed an alert from cybersecurity monitoring platform VECERT, which alleged that a threat actor known as “datasource” had reported a breach involving CIMB Bank customer data.

According to the post, the dataset allegedly contained about 1.2 million records, including names, bank account numbers, card information, mobile numbers, gender and dates of birth.

🚨 URGENT ALERT: CRITICAL FINANCIAL DATA BREACH DETECTED 🚨

Victim: CIMB Bank (Malaysia) 🇲🇾
Threat Actor: datasource
Date: March 3, 2026

Our threat intelligence platform has identified a new, high-risk security incident targeting the financial sector in Malaysia. 🛡️

The threat… pic.twitter.com/Ablm1ov2oa

— VECERT Analyzer (@VECERTRadar) March 3, 2026

CIMB said customers’ data remains protected and urged the public to rely only on information shared through its official communication channels.

The bank also advised users to remain cautious of misinformation circulating online.

Featured image: Edited by Fintech News Malaysia, based on image by sodawhiskey via Freepik