We have no idea how much more confidential information belonging to Malaysians as well as classified information of the state has been leaked out to unauthorized persons.

You are absolutely right! Trust your own eyes and ears! The personal details of more than 20 million Malaysians, not 20 thousand, have been leaked out to unauthorized individuals!

A database purchaser has claimed that it has the personal details of 22.5 million Malaysians born between 1940 and 2004 from the National Registration Department and the Election Commission.

And these particulars are not just MyKad numbers but also the holders’ names, ages, photos, addresses and telephone numbers totaling 20 different items.

The selling price is not too steep, just US$10,000 at the rate of only 0.0019 Malaysian sen for each individual’s information. That makes our credentials look dirt cheap!

If the information happens to fall into the hands of scammers, they can easily trace the information of a victim’s parents and family members and will then be able to clone our voices to scam our family members for money.

Such cases have happened overseas and we mustn’t take it too lightly here.

Home minister Hamzah Zainudin said JPN had initiated the investigation as soon as the data leak incident came to light, and discovered that the personal details of Malaysians had been acquired through other channels and not directly from JPN’s database.

Hamzah’s revelation has nevertheless conveyed a very worrisome message, that while JPN would not leak out the data, other institutions could!

For the convenience of other government departments, JPN’s data can be directly retrieved from its database by these agencies.

How to hold back the particulars of over 20 million Malaysians? Making amends is too late now!

It is imperative that the JPN conduct an immediate and urgent review of its own modus operandi and tighten its control of the flow of information, including requiring the recipients to apply for information retrieval, stricter monitoring of its use and data destruction after use.

It was reported that the personal data of some four million Malaysians were leaked late last September, attesting to the fact that there are very serious loopholes in the country’s  personal data management. We have no idea how much more confidential information belonging to Malaysians as well as classified information of the state has been leaked out to unauthorized persons.

Malaysia was the first Asean country to have enacted a data protection law (Personal Data Protection Act, PDPA) which officially came into force on November 15, 2013. The use of any commercially acquired data within this country has to strictly comply with the provisions under the Act, and violators can be fined up to RM500,000 or jailed not more than three years.

With such strict regulations governing the acquisition and use of personal data by private business organizations, why is it so easy for such data to be leaked out from government departments? That’s really inconceivable and the officials involved must be seriously dealt with!

The leak of 20 different items of personal particulars could just be the tip of the iceberg. Thanks to advancement in information technology, it is highly possible that more confidential information such as an individual’s credit card number, bank account particulars as well as passwords used for authentication purposes in various web services may all be leaked out in future, along with our personal data.

As mentioned earlier, if such information falls into the wrong hands, the data owner’s privacy will invariably be compromised and the victim may not only suffer innumerable property losses but also be made an “unwitting perpetrator”!

The government has repeatedly reminded the public to carefully handle their personal data, but why on earth has something this serious happened to us now?