Kuala Lumpur, 12 March 2026 – Bursa Malaysia has confirmed that several brokerage firms experienced cybersecurity incidents within certain internal system components, but stressed that the situation has been contained and that the exchange’s trading infrastructure remains unaffected.
According to Bursa Malaysia, the affected brokers quickly isolated the compromised system components and activated internal incident-response protocols to contain the issue. The exchange emphasised that the incidents were limited to the respective brokers’ systems and did not impact Bursa Malaysia’s networks, trading platforms or market infrastructure.
“All trading and market operations continue to function as usual,” the exchange said in a statement, adding that no unauthorised trading activity or financial losses have been detected.
Immediate Cybersecurity Response Activated
Upon being informed of the incidents, Bursa Malaysia activated its established cybersecurity response protocols and coordinated closely with the affected brokers to ensure swift containment and remediation.
The brokers involved are currently conducting full forensic investigations, with findings expected to be submitted through Bursa Malaysia’s supervisory channels.
As a precautionary measure, the exchange has also instructed all brokerage firms and selected vendors to conduct comprehensive system screenings to detect any potential vulnerabilities or suspicious activity.
Industry advisories and briefings have also been issued to reinforce vigilance and encourage brokers to further strengthen their cybersecurity safeguards.
Industry-Wide Cyber Risk Controls Already in Place
Bursa Malaysia noted that the rapid containment of the incidents reflects the effectiveness of industry-wide cybersecurity resilience measures introduced last year to protect the capital market ecosystem.
These risk controls include:
- Mandatory multi-factor authentication (MFA) across key interfaces connecting brokers to the exchange
- Isolation protocols for affected connectivity and systems
- Enhanced monitoring systems for early detection of unusual trading or system activity
- Strengthened incident response and escalation procedures
The exchange said these safeguards have helped ensure coordinated responses and minimise systemic risks to Malaysia’s capital markets.
Review of IT Security Standards Underway
Bursa Malaysia is also conducting a comprehensive review of its IT security standards for brokerage firms, aimed at strengthening cybersecurity resilience across the financial industry.
The review will focus on enhancing brokers’ oversight of third-party information service vendors and ensuring that critical trading and operational systems are protected against emerging cyber threats.
The enhanced cybersecurity framework is expected to take effect in the fourth quarter of 2026.
Safeguarding Market Stability
The exchange reiterated its commitment to maintaining the integrity and stability of Malaysia’s capital markets, noting that cybersecurity remains a critical priority as financial systems become increasingly digitalised.
Bursa Malaysia said it will continue monitoring developments closely and take further measures where necessary to safeguard the market ecosystem from evolving cyber risks.
