NSC chief acknowledges data breach threats, assures protection
TASNIM LOKMAN AND ATHIRA AMINUDDIN
SHAH ALAM - Data breaches and cybersecurity threats are ever-present in this day and age but never taken lightly by the government.
National Security Council (NSC) Director-General Datuk Rodzi Md Saad said the government has always taken extra steps to ensure that all national data was at its highest level of protection.
He added that they were also continuously upgrading the security systems to ensure that it was at par with any untoward threats to come in the future.
“The cybersecurity situation requires us to strengthen our capabilities and resilience. The threat is possible, but we do not take it lightly.
“At all times, this information is guaranteed to be kept private and not released. Even when there are discussions on these data, it is not explicitly shared in detail either.
“Only information that is publicised is the number of Covid-19 cases and patients. Only general data are used for public consumption.
“We adhere to our principles and managed by a competent team, and there has been no data breach from MySejahtera so far,” he told Sinar Daily in an exclusive interview.
Rodzi assured that there was nothing to be concerned about, stating he was confident the general public trusted the management of MySejahtera.
“All government decisions regarding MySejahtera are not made by one party alone but via a multi-agency committee.
“As a result, the allegation of irregularities is false because the government makes decisions in collaboration with all of the entities engaged in the application,” he said.
The MySejahtera application, which was launched in early 2020 for the purpose of contact tracing during the Covid-19 pandemic, has been under scrutiny for the past few weeks after news alleging that the government had plans to sell it to a private firm.
It is understood that there are about 38 million MySejahtera users, in and outside the country, where their personal information such as telephone numbers, identity card numbers and residential addresses are stored in a cloud server.
The users' check-in location data and health risk status from answering health assessments are also included in the data.
This has raised privacy and security concerns among many Malaysians.
Health Minister Khairy Jamaluddin has stated repeatedly that the user data collated by the application was owned by the government.
During his winding-up speech on April 7 in Dewan Negara, he said the KPIsoft (M) Sdn Bhd (now known as Entomo (M) Sdn Bhd) had signed a non-disclosure agreement (NDA) with the NSC on April 1, 2020 with regard to the handling of all MySejahtera data.
He had said among the terms stipulated was that the ownership of all data and information obtained via the app usage remained the absolute and whole property of the government of which their confidentiality and security were guaranteed.
Khairy was quoted saying that the MySejahtera app was vital and proven effective for Malaysia’s Covid-19 management and thus should be maintained.
“The Health Ministry sees the app through existing overlay functionality as a necessity, even as the country transitions towards endemicity,” he had said.
It was reported that since news of the controversies broke on March 26, mandatory MySejahtera check-in dropped by 26 per cent the next day.
According to data from Health Ministry’s Github portal, a total of 24,358,225 check-ins were recorded on March 25 but dropped to 20,106,659 the next day (March 26) and further down to 19,279,238 on the following day, March 27.
The figure dropped even further on March 28 to 18.038,569, which was noted reported to be the lowest in over seven months since Aug 22 last year.
