Few days ago, Fahmi reportedly was quoted to have said the government guarantees that data in the Central Database Hub (Padu) is secured.
The cybersecurity industry must be gasping and asking aloud amongst themselves – oh my…..what have you done?
Fahmi is breathlessly fanning the flame challenging hackers to hack into PADU.
If he had been following news on cybersecurity, rule 101 on what motivates a hacker or hackers aside from money are fame and challenge.
Some explore simply to find out what vulnerabilities exist and are only in it for the personal vindication that comes from figuring out a way into complex, secure infrastructures.
They aren’t interested in wreaking havoc, but rather are in it for bragging rights.
Some want the fame associated with it to highlight their achievement.
No organization, large or small, public or private is safe from hackers.
The personal data of Malaysians have been widely exposed through a number of data leaks from both the public and private sectors over the years.
Most often, we hear databases of Malaysians containing phone numbers, emails and even eKYC photos being sold online but we hardly hear an outcome of an investigation, who was responsible and what were done to prevent this from happening again.
For example the alleged data breach involving 5 million AirAsia passengers and data leak on Maxis’s subscribers where the response from both is merely to say that their critical systems are not affected and there is no operational impact.
When there was a report in Dec 2022 of a website that had listed personal data of 3.5 million Astro subscribers and 1.8 million Maybank accounts, Fahmi ordered the Personal Data Protection Department and CyberSecurity Malaysia to investigate the allegations.
If not for the matter being asked in the Dewan Rakyat in Nov 2023, the public would not have known of the results of the investigations and the actions taken, if any, on and by both organizations.
The ordinary rakyat is still waiting for him to deliver on the following which he made in January 2023 where he said, publicly,
- that amendment to the Personal Data Protection Act 2010 (PDPA) to curb personal data breaches is expected to be presented in Parliament before the end of 2023. The Deputy Minister in a reply in the Dewan Rakyat in Oct 2023 said the Ministry is looking at tabling the Bill during next year's Dewan Rakyat session in March 2024, and
- the elevation of the Personal Data Protection Department (JPDP) as a statutory body to ensure it has enough resources to combat the issue of personal data leaks.
Over the years, the country continues to experience some of the worst data breaches in the region.
One of the biggest data breaches in Malaysia was in 2022 when the personal details of 22 million Malaysians, allegedly from the National Registration Department, were leaked and sold online.
Reportedly, the Minister then said the breach was not a big issue and the government will launch an investigation into the matter.
What Fahmi should reassure the ordinary rakyat is not the guarantee that PADU is safe and secure but if PADU is hacked, the government will practice transparency and disclosed it publicly instead of keeping silent and asking the public not to speculate on the alleged hack as practiced presently.
You have just painted a bull's eye on the back of every Malaysian, making each of us sitting targets.
If the impossible do happen in the future i.e PADU is ever hacked, the least you can do is reveal it publicly.
FLK is a content creator under the Newswav Creator programme, where you get to express yourself, be a citizen journalist, and at the same time monetize your content & reach millions of users on Newswav. Log in to creator.newswav.com and become a Newswav Creator now!
The User Content (as defined on Newswav Terms of Use) above including the views expressed and media (pictures, videos, citations etc) were submitted & posted by the author. Newswav is solely an aggregation platform that hosts the User Content. If you have any questions about the content, copyright or other issues of the work, please contact Newswav.
