It appears that there’s a potential data breach at the National Registration Department (JPN) as a database containing close to 4 million Malaysian citizens has been put on sale through an online forum. According to the seller, the data was freshly obtained from Jabatan Pendaftaran Negara and hasil.gov.my (Inland Revenue Board) through the MyIdentity API.
The database consists of 19 files in JSON/CSV format with a total size of 31.8GB. The person alleged that the current list contains details of individuals born between 1979 to 1998. The list includes personal details such as name, email, mobile number, permanent address, gender, IC number, race, religion, and even photos stored in base64 string.
The seller is asking for 0.2 Bitcoin (BTC) for the full list which is about RM35,000. Some interested buyers were asking for data narrowed down to selected cities but the seller prefer to sell the list in bulk.
At the time of writing, the MyIdentity portal is currently inaccessible. Launched in 2012, the platform was meant to make it easier for citizens and permanent residents to access and update their personal information when dealing with government agencies online. A total of 10 agencies were involved in the pilot project which includes National Registration Department, Malaysian Immigration Department, Road Transportation Department, Inland Revenue Board, Election Commission, Education Service Commission, Social Welfare Department, Labour Department of Peninsular Malaysia, National Higher Education Fund Corporation, and Royal Malaysian Police.
When another user asked for proof of authenticity, the seller shared personal details of a popular local celebrity based in Kuala Lumpur. The database appears to be legit as the image matches the actual person.
This potential data breach raises concerns about the security of the government’s online platforms especially when it involves the National Registration Department. Not only it exposes important details of Malaysians but the data can be misused for potential scams and phishing attack.
Under the MyDigital initiative, Malaysia aims to move 80% of public data to hybrid cloud systems by the end of 2022. In order to build trust, it is important for the government to strengthen cybersecurity for its platforms and to ensure resilience towards potential cyber-attacks.
[ SOURCE, IMAGE SOURCE ]
TNB Electron turns on yet another EV charging location at one of TNB's own premises.…
GXBank recently marked its second anniversary with more than one million Malaysians onboard, cementing its…
Realme has just launched a new budget-oriented mid-range smartphone in Malaysia, the Realme C85 5G.…
This post is brought to you by sooka. sooka pulled a lively crowd to Pavilion…
Infinix has just announced its strategic partnership with Pininfarina for its upcoming flagship smartphones, revealed…
During Proton's Tech Showcase, the national carmaker has also highlighted its digital and connected automotive…
This website uses cookies.