Govt blocks website with Malaysians’ personal data

The website was accessible to anyone through a quick browser search.

PETALING JAYA: The communications and multimedia ministry (K-KOMM) has blocked an open-source intelligence website that allegedly contained the personal data of Malaysians, which became viral news on Twitter last Sunday morning.

The ministry’s action took place on the same day following a report published by FMT on June 12.

“An immediate inspection of the content and background of the website was carried out (jointly) by K-KOMM through the Personal Data Protection Department (JPDP), Malaysian Communications and Multimedia Commission (MCMC), and CyberSecurity Malaysia (CSM) on that day,” said its minister Annuar Musa in a statement released today.

“The order to block the website was issued to the internet service provider (ISP) in order to prevent any attempts to trade personal data, and the website was taken down at 6.30pm that day.”

Currently, a thorough investigation is being carried out jointly by the National Cyber Security Agency (Nacsa), JPDP, CSM, MCMC, police and Bank Negara on the matter, added Annuar.

He also said that K-KOMM, through JPDP, as well as MCMC and CSM, would continue to monitor and regulate the processing of personal data in commercial transactions to ensure that the process continues to adhere to the principles set under the Personal Data Protection Act 2010 (Act 709).

Meanwhile, Nasca and relevant agencies will continue to safeguard the data belonging to the federal and state governments, he added.

On Sunday, Twitter users raised concerns over a website that allegedly contained the personal data of Malaysians.

Twitter user @Radz1112, who was contacted by FMT, said that the website was accessible to anyone through a quick browser search, and posed a threat to the country’s national defence and the security of the public’s personal data.

The user also said that by having the name and birth year of a person, one could obtain certain personal information, such as an identification number and if the person was a member of the police force or military.

However, a check on the website that evening drew a blank as the site appeared to have been taken down or rendered inactive, according to the URL checker.

Earlier checks on the website by FMT on that day showed that a simple search with a person’s full name, year of birth, or state of residence could provide a redacted identity card number, with the first two and last two digits shown, as well as email addresses and links to social media profiles.

Keying in a mobile phone number showed the name under which it was registered, among other details. Car registration number plates could also be used to access certain information.

However, creating an account on the website and making payment allegedly provided detailed data for search results. The site offered several packages at various costs for this type of access.

Leave a Reply

Your email address will not be published. Required fields are marked *