Conduct cybersecurity audit on ministries, govt agencies, MP tells Putrajaya

Conduct cybersecurity audit on ministries, govt agencies, MP tells Putrajaya

Lembah Pantai MP Fahmi Fadzil says latest hacking incident, if true, shows personal data of civil servants, including Cabinet members, are at risk.

Fahmi Fadzil has called for a royal commission of inquiry to probe all personal data theft incidents in the past five years.
PETALING JAYA:
A cybersecurity audit must be carried out on all ministries and government agencies following reports that the salary data system for civil servants had been breached, says Fahmi Fadzil.

The Lembah Pantai MP said if the claims were true, this meant that the personal data of civil servants, including Cabinet members, are at risk.

“The prime minister must instruct all ministries and government agencies to immediately conduct a cybersecurity audit to identify and close any gaps that may put Malaysians’ personal data at further risk of being stolen,” he said in a statement.

He also demanded Prime Minister Ismail Sabri Yaakob provide an explanation on the data breach at the next Parliament sitting.

He said the finance minister, and communications and multimedia minister must also formulate a plan to impose heavier punishment on incidents of data theft besides compensating those who have had their personal data stolen.

Fahmi reiterated calls to the government to form a royal commission of inquiry (RCI) to probe all personal data theft incidents in the past five years.

“Considering that three out of four incidents of data theft this year were believed to involve government agencies, Putrajaya must also amend the Personal Data Protection Act (PDPA) so that it applies to the federal and state governments,” he said.

Yesterday, FMT reported that the police had launched a probe into a claim by a group of hackers’ who said they possessed personal data and payroll details of several ministers, MPs and civil servants.

The group had alerted Putrajaya on Sept 7 that the salary data system for civil servants had been breached and asked the government for a response by Sept 12, Sin Chew Daily reported.

The hackers said they had also emailed Chief Secretary to the Government Zuki Ali, government security director-general Rahimi Ismail and the office of the auditor-general over the matter.

However, the hackers claimed that the government decided to shut down the civil service’s salary data system instead of contacting them.

The hackers reportedly plan to sell the personal data they claim to have from Sept 19 onwards.

KLIA district police chief Imran Abd Rahman was quoted as saying they had received a report on the incident from the national audit department.

He said the case was being probed under Section 507 of the Penal Code for criminal intimidation by anonymous communication and Section 4(1) of the Computer Crimes Act 1997 for unauthorised access with intent to commit further offence.

Stay current - Follow FMT on WhatsApp, Google news and Telegram

Subscribe to our newsletter and get news delivered to your mailbox.