KUALA LUMPUR, Sept 29 — The National Registration Department (NRD) has confirmed that there were no data leakage from its personal data base, said Home Minister Datuk Seri Hamzah Zainudin.
He said this was because the firewall of the data security control system was very secure and all information is protected.
“My ministry has always ensured the security and integrity of data on Malaysian is assured under NRD.
“So do not fret over data held by NRD, as my ministry will ensure all agencies using MyIdentiti from NRD take stringent measures,” he told a media conference after presenting the appointment letter of the Inspector-General of Police at Bukit Aman here today.
He was commenting on the sale of data on Malaysians which went viral in a forum recently.
“NRD has taken quick high security actions and has always complied with the policy of myIDENTITY system usage to prevent data breach by irresponsible parties,” he said.
Hamzah said on Monday NRD confirmed detecting a post in an online forum which highlighted an allegation that sale of data on Malaysians obtained from the Inland Revenue Board existed via sharing of myIDENTITY belonging to NRD.
“The alleged data on four million Malaysians born from 1979 to 1989 were offered for sale at 0.2 BTC (Bitcoin) which is equivalent to RM35,495.
“As such, NRD had reported the matter to IRB to investigate if data leakage had taken place in the agency,” he said.
He said on Monday, NRD lodged a report with police and the Malaysian Communications and Multimedia Commission (MCMC) yesterday to enable investigation to be carried out.
“Yesterday, a discussion was held with the National Cyber Coordination And Command Centre (NC4) NACSA and IRB and among others, touched on the issue as well as the method of sharing myIDENTITY with IRB as well as security control on the related data,” he said.
Hamzah said NRD only shares the myIDENTITY service with several government agencies for the purpose of reviewing and confirming the identity of Malaysians as well as permanent residents dealing with the respective agency.
“Apart from that, NRD confirmed no such case had happened before,” he said.
Yesterday, IRB in a statement denied a report on a digital discussion which claimed the data of four million Malaysians had been leaked via Application Programming Interfaces (API) which was carried out for myIDENTITY under the supervision of NRD.
According to the statement, IRB is only a user and not the owner of myIDENTITY system. — Bernama