Malaysia comes in at the 11th spot for breach of user's data
SHAH ALAM - Malaysia comes in at the 11th place for the country with the highest breach of persona user's data for the second quarter of 2022.
University of Malaya (UM) cyber law expert Professor Dr Abu Bakar Munir said, this is based on the latest research by the cyber security company Surfshark.
According to the leaked data report by Surfshark, throughout the period of April until June 2022, more than 665,200 Malaysian users were hacked, while since 2004 there have been 44.2 million hacked accounts.
"According to the reports in Singapore, most of the causes of data leakage is an unsatisfactory organisational system. In my opinion, we are weak in technical matters and organisational system is also lacking.
"What I mean by an effective organisational system is sufficient training, policy and management risks that need to be improved upon to reduce data leakage issues. If a data leak occurs,regulators and data subject regulators should be told to enhance accountability and transparency.
"With those criteria, companies will be more careful in protecting data and strengthening their system either from a technical or organisation point of view," he told Sinar.
On the subject of fraud and scams, Abu Bakar said the technique most commonly used in Malaysia is by using phone calls or text messages.
"If we look at most cases of fraud, it usually starts with a phone call or message. The question is, where do they get the number from? Whereas, it is personal data that should be protected.
“Therefore, the law such as the Personal Data Protection Act should be seen from the aspect of data protection and not in terms of human rights.
"If the problem of data leakage can be overcome, Malaysia can be more competitive as an investment and financial hub,” he said.
Based on statistics by the police, commercial crime cases such as fraud and forgery to obtain goods and money has caused a loss of RM1.73 billion with 30,536 cases last year.
More worrying, the Securities Commission Malaysia (SC) revealed that a total of 67,552 cases of fraud involving losses worth RM2.23 billion has reported since 2017 until June 20, 2021.
Following that, the Communication and Digital Ministry intends to amend the Personal Data Protection Act 2010 (PDPA) for security purposes an to prevent data leakage.
Its minister, Fahmi Fadzil said the amendment was not only intended to strengthen the act, but also to ensure all organisations that handle personal data are responsible to protect users information.
Meanwhile, Personal Data Protection Department former Chief Director Mazmalek Mohamad said, the act should be amended in view of the the rapid technology growth in recent years.
"The act is already 12 years old. For me, it is very important for it to be amended especially when we live in the world of digital banking and social media.
"For me, the time has come for us to review and add elements that can monitor users data.
"Imagine, how many people unknowingly share their phone number while simultaneously revealing personal data to other people? Therefore, this act is very important to reformulate the act," he said.
In addition, Mazmalek was of the opinion that the amendment of this act is also the ministry's effort to place more responsibility on the company which manages personal data.
"The issue is when companies who hold users' data do not see the leak as a threat or a big problem for users.
"They don't seem to be responsible if data leakage occurs and only expect actions from the government. Whereas, data leakage may affect someone's image," he elaborated.