LETTER | We refer to The Star’s new report today, “Your personal data on sale – cheap” and wish to advise our politicians and all those in government that any cybersecurity breaches – even if it involves the personal data and private information of citizens have far-reaching implications and raises serious concerns over national security.
This is not the first time in recent memory we read about such grave security breaches. And each time an expose is made, we are dished with similar statements from officialdom. This cannot be, and Patriot demands a permanent, effective and dependable resolve from all those in office charged with the responsibility to safeguard the citizens and the nation.
As per the news report, “personal data has been allegedly sold openly on the Internet for a few ringgit”. The expose claims that the site allows a person to be searched by name, address, phone number, MyKad or military ID or date of birth.
If this is not a serious breach of security that has far-reaching implications and consequences, then pray tell us what is.
The fact that this cybersecurity breach has taken place without the knowledge and lack of vigilance of all those responsible for safeguarding vital security information calls for an immediate national crisis address on the matter by none other than the prime minister himself.
If searching for someone via a MyKad number can reveal the person’s full name, date of birth, gender and house address Patriot deems it as a very serious security matter. And what more when detailed information, including MySejahtera vaccination info, loans and credit card applications, can be assessed by all and sundry through a paywall.
And what is most worrisome is that all of such data extractions can be done by a mere Google Search and needs no high-tech hacking wizard to do so.
While the Malaysian Personal Data Protection Department (PDPD) has responded by saying that it had requested for the website to be blocked, Patriot believes this is not good enough. We question where the preemptive gatekeeping effort was?
The chairperson of cybersecurity firm LGMS Bhd and cybersecurity consultant Fong Choong Fook, who is reported to have analysed the website and said it was likely created by Malaysians or people who were familiar with the local market.
This explanation by the expert then raises more questions about the government and its paid officers’ vigilance and pre-emptive work in progress.
While Patriot is cognizant of the fact that cybercrimes are phenomenal, it is the duty and responsibility of the government, its ministers and all paid appointees and contracted service providers to guarantee the security of our personal data.
If citizens are required or compelled to furnish personal data on the various official/government online applications or for services/registrations, then the onus rests with the initiator to ensure all security gatekeeping is not compromised.
As ex-servicemen, we know how the misuse of crucial personal data of citizens (including the government) can also jeopardise national security.
In these times of global extremism, where terrorism, for example, is a real threat, the inability to protect personal data cannot be tolerated.
Patriot demands immediate accountability from all those who are culpable in this matter of grave national interest. We register our concerns with serious, patriotic intent and in representing ex-servicemen of the military and the police as well as for the interest of citizens.
MOHD ARSHAD RAJI is the president of Persatuan Patriot Kebangsaan (Patriot).
ZULKIFLI MOHAMED is Patriot deputy president.
The views expressed here are those of the author/contributor and do not necessarily represent the views of Malaysiakini.