YDM has revealed that unscrupulous elements have been selling the personal data of Malaysian citizens stored in various government departments and private institutions in bulk auctions on the dark web for up to RM45,000.
According to the Utusan Melayu, Digital Foundation, Mohd Fazli Azran pointed out that the unscrupulous elements are selling the data stored by the nationals in banks, telecommunication, and government agencies through forums and chat software Telegram to avoid monitoring by law enforcement authorities.
The auctioned personal data covers the complete personal information of each person, such as name, address, gender, race, and other information.
Personal Data Sold Directly To Scammers
The data sold to scammers are used for fraudulent practices or marketing campaigns by selling houses, insurance, used cars, etc.
According to a study by the Digital Foundation of Malaysia, the data would be leaked based on deficiencies in cyber security management in the relevant departments and a lack of knowledge in the field of information technology.
Mohd Fazli Azran said most of the cyber activities are only covered in tenders or contracts for application development and are not conducted on a regular annual basis and only on systems deemed appropriate.
In practice, he said, every organization should allocate a reasonable budget for cybersecurity activities and also needs to have certified staff to conduct internal oversight. This is to enable early detection of cyber vulnerabilities and avoid data breaches.
Mohd Fazli Azran noted that institutions need to invest in cybersecurity technology over the long term and develop skilled staff.