Scheduled for launch in the second quarter of the year, the Threat Intelligence Capacity Support Automation Project for Personal Data Breach Case Management aims to combat the illicit trade of personal information on online platforms, including the dark web.

Digital minister Gobind Singh Deo told the Dewan Rakyat today the system is consistent with the government’s commitment to secure Malaysians’ personal data.

The ministry, in a statement, said it is working through the personal data protection (PDP) commissioner to increase inspections of personal data systems under the Personal Data Protection Act.

This will be done through the introduction of online self-assessments to encourage better compliance among organisations in processing personal data.

Targeted raids will also be conducted on entities linked to data breaches and cyber incidents occurring at companies processing personal data.

The ministry said PDP commissioner offices will be opened across the country, starting with Sabah and Sarawak, to facilitate regulatory and enforcement efforts.

To address the shortage of skilled cybersecurity professionals, CyberSecurity Malaysia will establish the Malaysia Cyber Security Academy to provide training.

Last December, the National Cyber Security Agency (Nacsa) said it had launched an investigation into claims that data from the MyKad of 17 million Malaysians had been leaked and sold on the dark web.

Last August, more than 300GB of Prasarana Malaysia Bhd’s private data was reportedly leaked, with cybercriminal gang RansomHub claiming responsibility and demanding that the public transport operator pay an undisclosed sum as ransom.

In 2023, the Social Security Organisation suffered a data breach in which personal information such as MyKad numbers, salaries, addresses and phone numbers were leaked by a hacker group.