WITH several ministers attempting to underplay expose over revelation that millions of personal data may have been compromised, an expert urged Putrajaya to stop trivialising such matters and act on the matter.
“We need an independent investigation to get to the bottom of the matter. The team must include former top-ranking police officers and ex-officials from the National Registration Department (NRD).
“The findings must be made public and those responsible must be arrested,” Arunachala Research & Consultancy Sdn Bhd principal consultant R Paneir Selvam told FocusM.
Last week, tech website Lowyat.net reported that NRD dataset containing details of Malaysia’s population with birth years between 1940 and 2004 – roughly about 22.5 million people – was on sale for nearly RM44,000 at a database marketplace forum.
The seller claimed the personal data included full names, identity card numbers, addresses and photographs. Data from the Election Commission (EC) website is also allegedly up for sale.
Following the shocking revelation, Bukit Aman Commercial Crime Investigation Department (CCID) announced it would investigate the matter.
“We urge the public not to speculate on the issue. The police can assure that proper investigations will be conducted to address the matter swiftly,” CCID director Datuk Kamarudin Md Din had said.
Later, Home Minister Datuk Seri Hamzah Zainuddin claimed that the leak did not come from NRD, despite the ongoing probe.
“We (at the ministry) have a mechanism to verify that the leaked data was not from the NRD.
“As in previous cases, the sale of data involves several agencies which we have given some leeway (for them) to obtain information from the department.”
On May 20, Senior Minister (Defence) Datuk Seri Hishammuddin despite the leak, Malaysians need not worry as it would not jeopardise national security.
“The home ministry has the Special Branch, and I’ve worked with them in the past (as home minister). I believe that they (home ministry) are more than equipped (to handle such a threat).
“Also, this sort of threat does not jeopardise the national security of our country,” Free Malaysia Today reported him as saying.
Touching on the matter, Paneir Selvam said that in developed countries, such exposes would have triggered the minister in charge to take responsibility over the matter and resign.
‘Unfortunately, we don’t practise that culture here. The problem in Malaysia is that we are not proactive in dealing with any situation.
“We only act when something bad has happened. What we need in Malaysia is a mindset change, where we prioritise prevention before cure,” he mentioned.
Elaborating on the data leak, Paneir Selvam opined that it could have happened through two ways; one is the leak being perpetrated by an insider or secondly, by hackers.
He also urged the Government not to underestimate the situation as the data leak could very much involve personal details of VIPs.
“We have to find our if personal details of our Agong, prime minister and other Cabinet members were also leaked in the dark web.
“And we need to ascertain whether any of our intelligence information got leaked in the process too. That is why I consider this a national security issue,” Paneir Selvam stressed.
Was CyberSecurity Malaysia consulted?
Calling it a treasonous act, the academic warned that such data leak could compromise Malaysia’s security apparatuses work as top officials could be at risk of being threatened by unsavoury elements.
“For example, these dubious people may be in possession of a top police officer’s family’s daily routine. They can essentially use the information to threaten to harm the officer’s family if the latter doesn’t cooperate with them,” he quipped.
On that note, Paneir Selvam questioned whether NRD or any other Government agencies holding personal data of Malaysians had approached CyberSecurity Malaysia to strengthen their system to prevent such leaks.
“In developed nations like the US, the authorities work constantly to upgrade and update their data storage system. They even hire hackers and get them to try to hack into the system to test it.
“If the hackers succeed, they even hire the former and get their know-how on how to strengthen their systems further.
“So my question to NRD and other agencies, did you all get help from CyberSecurity Malaysia to strengthen our database system to deter hacking?”, he queried. – May 22, 2022
