I was asked by The Star to comment on the leak of personal data of over 802,259 Malaysians allegedly siphoned from the MySPR Daftar website. The data is being sold on an online forum for US$2,000 (RM9,240), to be paid in bitcoin or monero cryptocurrency. The seller claimed that the Election Commission database includes selfies and MyKad photos (around 1.6 million photos with a file size of 67GB) that were provided for online voting registration on its MySPR Daftar website through the electronic Know Your Customer system. I said-
Bar Council co-chair of the intellectual property committee, Foong Cheng Leong, concurred, saying that such incidents have happened many times but nothing substantial has been done by the government to secure people’s data.
“Given the poor security measures by the government, the public should not volunteer so much information to them.
“The public must also demand an explanation from SPR and that it discloses full details of the investigation. Authorities have to re-look their security practices, including the online verification process,” said Foong.