Earlier this week, a database that allegedly contained the personal information of about 22.5 million Malaysians was put on sale on a popular database marketplace.
In response to the matter, Minister of Defence Hishammuddin Hussein said that the data leak will not affect national security as his ministry has systems in place to prevent such a situation.
According to The Star, Hishammuddin said he is confident that the country’s relevant intelligence agencies are prepared for any eventuality that arises from the breached data.
“I think that we are equipped, to the best of our abilities… This sort of threat does not jeopardise national security,” he said when met at the pre-launch of the Defence Ministry Housing Blueprint 3.0 at a Satu Anggota Satu Rumah (SaSaR) housing project site on Friday (20 May).
However, he did not clarify what specific mechanisms would prevent the data from being misused.
The leaked data set contained 20 attributes such as name, IC number, address, date of birth, gender, race, religion, mobile number, and Base54-based photo of the entire population with birth years from 1940 to 2004.
To provide proof that the data is legit, the seller also provided a sample record belonging to Home Affairs Minister Dato Seri Hamzah bin Zainudin and attached his IC photo.
Although the seller claimed that the dataset belonged to the National Registration Department (JPN) but the Ministry of Home Affairs (KDN) quickly denied that claim. Instead, the Home Minister said that leaked data was from the several agencies which they gave leeway for them to obtain information.
Nonetheless, Hamzah said an investigation has begun to ascertain the truth behind the data theft.
Up to date, not much was revealed about the ongoing investigation but the Home Ministry said it will be calling in individuals involved in the sale of personal data for assistance and that the results would be announced soon.
Hamzah also said that the standard operating procedure (SOP) for obtaining personal data through agencies under JPN will be placed under review as obtaining the data directly from the department would prevent the situation from happening again.
What do you think about this? Share your thoughts!