The Communications and Digital Ministry is taking the alleged breach involving the personal data of 13 million Malaysians on a website seriously and has ordered that access to the website be blocked.
Communications and Digital Minister Fahmi Fadzil said the ban notice was submitted to the Malaysian Communications and Multimedia Commission (MCMC) to stop the public from accessing the website.
He added that his ministry, through the Personal Data Protection Department (PDPD) and Cybersecurity Malaysia (CSM), was obtaining feedback from Maybank and Astro to verify the alleged leaked data.
In a statement today, he said preliminary investigations into the Maybank account numbers displayed on the website that went viral revealed that the accounts were invalid or did not exist as transactions could not be made.
“There is also the potential that the alleged leaked data refers to the leak that occurred in 2018.
“However, official confirmation from relevant parties is needed for detailed investigations under the Personal Data Protection Act 2010 (Act 709),” he said.
Fahmi (above) earlier instructed the PDPD and CSM to investigate allegations that a website had listed personal data of 3.5 million Astro subscribers, 1.8 million Maybank accounts, and 7.2 million users compiled by the Election Commission on Christmas Day at around 7.56pm.
The alleged leaked information involved usernames, full names, dates of birth, addresses, and identity card numbers.
Fahmi said investigations into the alleged EC data breach would be left to the National Cyber Security Agency (Nacsa) for further action as it was outside the purview of Act 709.
Act 709 stipulates that every personal data company must comply with the seven Personal Data Protection Principles in managing customers’ personal data to ensure it is not misused.
Failure to comply is an offence punishable by fines of not more than RM300,000, or two years jail, or both if found guilty.
Fahmi also reminded internet users to ensure their cybersecurity was at a good level and to comply with the principles and standards of personal data protection as outlined in Act 709.
- Bernama
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.