Info of 22.5 million Malaysians born 1940-2004 allegedly getting marketed for US$10k

PETALING JAYA (THE STAR/ASIA Information Community) – An alleged knowledge leak containing the details of 22.5 million Malaysians born between 1940 and 2004, purportedly stolen from the Nationwide Registration Department (NRD), has as soon as again set the country’s data safety actions in the spotlight.

Local tech portal Amanz noted that the database, 160GB in dimension, is becoming bought for US$10,000 (S$13,846) on the dark net.

In the screenshot shared by the portal, the seller claimed that this is an expanded database in contrast to the one he sold in September previous 12 months, which was only up to 1998.

In each incidents, it was claimed that the information was siphoned from the NRD by the MyIdentity API (software programming interface). MyIdentity is a centralised info-sharing platform that is made use of by numerous govt agencies.

Malaysia’s Dwelling Minister Hamzah Zainudin on Wednesday said the alleged knowledge leak did not occur from the NRD, but from “numerous agencies which we have supplied some leeway for them to obtain facts from us”.

He did not title these agencies, or how quite a few companies experienced access to MyIdentity information.

Hamzah instructed reporters after attending an event that there was a system in area which could prove that the leaked data did not arrive from the NRD.

“Previously, there was a related allegation but we have managed to show that the leak was not from the NRD.

“It was from a number of agencies which we have presented some leeway for them to get hold of data from us,” he explained.

When the first info leak happened was discovered in September, it allegedly included the NRD databases of people born among 1979 and 1998, and was being sold for .2 BTC (RM35,350, or S$11,160).

But Datuk Seri Hamzah mentioned then: “Never worry about facts held by NRD. Our firewall is pretty robust.”

He claimed then that all govt businesses using the MyIdentity technique experienced been instructed to implement stricter basic safety measures.

On Wednesday, law firm Foong Cheng Leong explained the deficiency of transparency on investigations associated to facts leaks in Malaysia has been aggravating.

“There wants to be an account of how the make any difference is remaining investigated and what actions are becoming taken to be certain that the knowledge is secure.

“The data could serve as a deterrent to some others and show that there will be penalties for individuals leaking private data,” he reported in a mobile phone job interview.