Demi Group, a Malaysian conglomerate managing various subsidiaries (including ProOffice, Demi Couture, and ProView), has allegedly been compromised resulting in the exposure of sensitive internal databases. The data leak, which reportedly occurred in November 2025, involves the exfiltration of detailed employee records and extensive activity logs.
The allegedly compromised data contains approximately 1,000 employee profiles and over 175,000 check-in/login records. According to the leaked samples, the exposed information includes:
-
Full names
-
National Identity Card (IC) numbers
-
Dates of birth
-
Email addresses (corporate and personal)
-
Mobile phone numbers
-
Job titles, ranks, and department details
-
GPS location data (Lat/Long coordinates)
-
Physical check-in addresses
-
Device information (User agents and operating systems)
