A suspected personal data breach involving millions of Malaysians is a national security concern if reports about the matter were true, said Deputy Home Minister Nur Jazlan Mohamed.
"Computer network breaches are always a national security risk.
"Collusion between criminals and staff who look after the (personal data) system is a criminal act and a national security risk," Nur Jazlan told Malaysiakini.
The MCMC and police are currently investigating the alleged breach and sale of the data, which was first highlighted by Lowyat.net.
The technology portal described it as possibly one of the largest breaches in the country's history.
In its report on Thursday, the portal said personal data, including 50 million entries from various telecommunication companies, were being sold online.
It said the data included customer names, billing addresses, mobile phone numbers, sim card numbers, handset models and MyKad numbers of customers.
Other information being sold included personal data obtained from a jobs portal, medical associations as well as housing loan applications.
Asked if this information can be used to forge identity cards, Nur Jazlan replied: "Of course."
"In the current system of ID, we rely heavily on documents like the MyKad which can be faked and only verified physically through the chip and thumbprint.
"We need to upgrade and add facial recognition and retina scans to get a complete digital ID that cannot be easily stolen or faked," he added.
He said such efforts were already being carried out by the various agencies under the Home Ministry, such as the police, Immigration Department and the National Registration Department.
"This is so that identification can be done without the need to produce documentary evidence," he said.
Meanwhile, Nur Jazlan said the Communications and Multimedia Ministry should take firm action against companies that fail to protect consumer data.
"They should ensure the companies protect (customers) from such breaches and punish the companies that fail to do so," he said.
Those found leaking personal data could be punished under the Personal Data Protection Act 2010, among others, with a fine of up to RM500,000 or a jail term of up to three years.- Mkini
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.