Time for PM, ministers to take action on data leak incidents – Fahmi Fadzil
SHAH ALAM - Lembah Pantai MP Fahmi Fadzil today urges the authorities to take action in putting a stop to the multiple security breach incidents which caused millions of Malaysians’ personal data to be stolen throughout the past few years.
He said the latest news received where a hacker group had allegedly stolen data from the government's e-statement of wages which resulted in the personal data of more than one million civil servants, MPs and ministers being stolen was the fourth of such incident in the country.
“The first time such an incident happened was on May 18, 2022 involving 22 million data believed to be stolen from the National Registration Department (NRD) and Election Commission (EC).
“Then on May 31, 2022, where one million data was stolen from the International Trade and Industry Ministry’s Public-Private Covid-19 Industrial Immunisation Programme (Pikas) file and after that, on Aug 3 we heard there was a security breach of the iPay88 database where we do not know how much personal data was stolen from the incident,” he said in a video posted on hi Facebook page.
He further said the issue here was that all the personal data of civil servants, MPs and ministers could now be sold and misused by cyber criminals, including scammers.
Hence, he urged Prime Minister Datuk Ismail Sabri Yaakob to instruct government bodies and ministries to conduct cyber security audits and set up a special commission to handle this issue.
“This is important in order to disrupt the exploits or loopholes that allow cyber criminals to steal our personal data.
“I also request the PM to establish a Royal Commission of Inquiry to investigate and understand the theft of over 100 million personal data from 2017 to date,” he said.
In addition, he said there was a need for the Finance Minister and the Communications and Multimedia Minister to carefully consider and recommend to Parliament what severe punishment should be imposed on database operators who failed to guarantee the security of the country’s personal data.
He added that the Finance Minister should review the compensation system that could compensate all victims who have been affected by the theft of their personal data.
Meanwhile, he said the Communications and Multimedia Minister needed to amend the Personal Data Protection Act 2010 including removing the non-disclosure of the act to the Federal Government and State governments.
“This is important so that agencies, bodies and ministries take the issue of cyber security and data protection in their care seriously,” he added.
Yesterday, it was reported that the police were investigating claims made by a hacker gang who said that they had access to information on the wages paid to civil servants, including elected MPs and senior government officials.
The hacker group first brought up the claims on Sept 7 and demanded a response from the government by Sept 12.
“We had informed them that the damage has already been done and that if we do not get any response, we will make the data available for sale,” said the hacker group in a brief note to the media.
The hacker gang further claimed that the authorities quickly shut down their payroll system rather than replying to them directly.
Despite this response from the government, the group planned to start selling the stolen data on Sept 19.
KLIA district police chief Imran Abd Rahman had confirmed a police report on the incident was lodged by the National Audit Department.
He stated that no arrests had been made so far, with the investigation still ongoing.