The Domestic Trade and Consumer Affairs Ministry has taken steps to address the exposure of banking details on its petrol subsidy website.

According to a ministry press release, the ministry had increased the site's system and data security before reactivating it for public access.

"Referring to the technical issues concerning the official portal of Petrol Subsidy Programme, the ministry has taken immediate action to address the problem.

"The ministry takes seriously the aspects involving the integrity and data security of PSP recipients, and would always take proactive steps to protect their data.

"At 1pm on Thursday, the technical issues have been successfully addressed, and the PSP portal has been reactivated with improvements on its system and data security aspects,"it said.

The ministry was responding to the issue of PSP recipients’ bank account numbers exposed on the website.

It was first highlighted by a tech website yesterday, which pointed out the flaw which allowed users to view the full bank account numbers of each recipient on the source code of the results page.

This was albeit the full account number being partially masked on a form displayed on the site to show one's eligibility for the subsidy. 

"We went on and tested at least five more random MyKad numbers and can confirm we were able to obtain the full account numbers of the eligible recipients in the same way as outlined above," the tech portal said in its article yesterday.