MP SPEAKS | I am deeply concerned by reports that the Flexi Parking system has been hacked, affecting parking payment services across 64 local authorities nationwide, including the Smart Selangor parking system.
This incident is not merely about the loss of parking revenue. The far more serious issue is the potential compromise of citizens’ personal data.
The responsible authorities must not remain silent. They owe the public a full explanation of what happened, the extent of the breach, and the measures being taken to protect affected users.
According to media reports, warnings about security vulnerabilities had allegedly been raised on multiple occasions before the system was eventually compromised. If these reports are accurate, they point to serious shortcomings in governance and risk management.
Why were the vulnerabilities not addressed earlier? What data may have been exposed? Who will be held accountable? Will the system operator bear responsibility for any financial losses arising from the incident?

I have consistently raised concerns about the privatisation of public digital infrastructure. In July last year, I called for the immediate suspension of the Selangor Intelligent Parking (SIP) programme and urged a comprehensive review of its policy direction and implementation framework.
My concerns remain valid today.
Under the SIP model, half of the parking revenue collected from users is channelled to the private concessionaire, leaving local authorities and the state government with only the remaining 50 percent.
When public resources are reduced in this manner, it inevitably raises questions about whether local authorities retain sufficient capacity to effectively oversee cybersecurity, operational standards, vendor performance, and public accountability.
This incident should also prompt a broader policy discussion. The federal government established GovTech to strengthen in-house digital capabilities, reduce dependence on external vendors, and break down data silos across government agencies.
The objective is clear: critical public digital infrastructure should increasingly be developed, managed, and governed within the public sector itself.

Yet Selangor continues to pursue the SIP model through partnerships with private operators that are responsible for managing, deploying, and operating core parking systems. This approach runs counter to building long-term public-sector digital capability and resilience.
Call for investigation report or public hearing
The Flexi Parking breach must serve as a warning.
I therefore call on the Selangor government to immediately publish a comprehensive investigation report detailing the cause of the breach, the scope of data exposure, the financial implications, and the corrective actions being taken.
If such transparency is not forthcoming, Selangor state assembly members should request that the Selangor select committee on competency, accountability, and transparency (Selcat) conduct a public hearing into the matter.
A transparent and professional inquiry is necessary to identify weaknesses, strengthen oversight, and restore public confidence.
Cybersecurity is not merely an IT issue. It is a matter of public trust, governance, and accountability. When citizens are required to entrust their personal information and daily transactions to government-linked digital systems, the government has a duty to ensure that such trust is never taken for granted. - Mkini
LEE CHEAN CHUNG is the MP for Petaling Jaya.
The views expressed here are those of the author/contributor and do not necessarily represent the views of MMKtT.

No comments:
Post a Comment
Note: Only a member of this blog may post a comment.