PKR’s Fahmi Fadzil urged the prime minister to order an immediate cybersecurity audit across all ministries to identify existing digital loopholes that hackers could enter and steal personal information. — Photo by Ahmad Zamzahuri
By Radzi Razak
Saturday, September 17, 2022 1:35 PM MYT
KUALA LUMPUR, September 17 – PKR’s Fahmi Fadzil today urged the government to set up a Royal Commission of Inquiry (RCI) to look into Malaysia’s cybersecurity following a new data leak from a government agency.
Lembah Pantai MP quoted a vernacular article Daily Chew Sin which two days ago reported a breach of the government’s online payroll system by cybercriminals who may have stolen one million sets of personal data as well as two million pay slips.
“This is the fourth large-scale data theft incident reported for 2022, and it is estimated that more than 25 million sets of personal data have been stolen so far this year alone.
“Therefore, I urge the Prime Minister to take this matter very seriously by setting up a Royal Commission of Inquiry to investigate all incidents of personal data theft in Malaysia over the past five years,” Fahmi said on Facebook.
He also urged the Prime Minister to order an immediate cybersecurity audit across all government departments to identify existing digital loopholes that hackers could enter and steal personal information.
Fahmi, who is Pakatan Harapan’s director of communications, said the prime minister should provide a public explanation of what is being done to protect confidential information online at Dewan Rakyat’s next session.
He also urged the Minister of Finance and the Minister of Communication and Multimedia to look into the establishment of a sanction mechanism for operators of personal databases who do not guarantee data security in their operations, as well as a compensation or damages mechanism for all victims of the crime of personal data theft.
“This is to send a very clear message that any party that processes personal data must be held accountable if data security is compromised, and that those who are victims of data theft must obtain justice.
“When we realize that three out of four incidents of personal data theft this year would involve government agencies, then the government must amend the Personal Data Protection Act 2010, including not exempting the federal government and governments of states the enforcement of this law,” he said.