Personal Data Breach at Government Agencies – What Measures Can Be Taken?

In the third week of May 2022, the public’s attention was once again roused over an alleged data leak involving the personal information of 22.5 million Malaysians of the age between 18 and 82 years. It was reported that such personal information was allegedly leaked from the database of the National Registration Department (“NRD”). The allegation, however, has been denied by the Home Minister, Datuk Seri Hamzah Zainuddin, who said that the dataset did not belong to the NRD. Local tech forums such as Amanz and Lowyat.Net reported that the 160 GB size of database is put on sale on the dark web for US$10,000.

Disappointed but not surprised – is probably the accurate public response towards the breach, considering that this is the second time that an alleged breach at the NRD has been reported when the same thing happened back in September last year involving the sale of personal details of 4 million Malaysians, stolen from NRD and the Inland Revenue Board.

Read More