Personal health data theft scary


THE Consumers’ Association of Penang (CAP) is distressed by the recent news that a group of hackers had hacked into the systems of both government and private hospitals and stolen the personal health data of tens of thousands of individuals – data which is then sold to pharmaceutical companies through information selling syndicates.

The implications of this cyber theft is terrifying because our Government and various agencies are trying to get everything (banking transactions, filling forms, making complaints, etc.) to go “online”, as part of our green initiative. However, there is a big chance we don’t really have the security to back this move as made obvious by this incident.

A news report has stated that 10,000 cyber crime cases are reported each year with losses equalling more than RM2.7m; and the crimes largely involve online scams and hacking of computer servers.

This breach in privacy is no laughing matter and must be taken seriously.

Many people may not realise this, but information related directly to them has been obtained against their will and is now being bartered between unscrupulous individuals for profit.

Ultimately, drug companies are at the end of this chain – using this unlawfully obtained information to make more money out of the victims.

Also consider that we cannot be certain that pharmaceutical companies are the only ones buying this information.

There may be companies in many other sectors that can benefit from possessing this information, for example insurance companies.

This incident should be a clear indication to us that if a group

of hackers can overcome the security in both government and private hospitals so easily to steal personal health data, they can also steal some other set of personal data and sell it to the highest bidder ... for instance, banking information.

This could already be happening and it just has not been detected yet.

Despite this, the agencies responsible for our cyber security have put onus on the public, be it businesses or individuals, to report if they notice their computer servers being tampered with so that they can stop any data theft.

This is obviously not a sufficient way to handle the issue.

By the time anyone realises there is something wrong with their computer servers it’s

probably already too late...unless the individual is a hacker himself.

In light of this, CAP suggests that:

> Agencies such as Cyber Forensics Intelligence Centre (CyberFIC), CyberSecurity Malaysia (CSM) and the Malaysian Communication and Multimedia Commission (MCMC), need to nip this problem in the bud by tracking and stopping the hackers who steal this information;

> The companies, such as the pharmaceutical companies in

this case, that buy this information should be charged with having committed a criminal offence by possessing personal data illegally;

> If there is no market for unlawfully obtained personal data then stealing the information becomes redundant; and

> MCMC, CyberFIC and CSM, as the responsible agencies, need to beef-up our cyber security immediately.

S.M. MOHAMED IDRIS

President

Consumers Association of Penang

Get 20% OFF The Star Digital Access

Monthly Plan

RM 13.90/month

RM 11.12/month

Billed as RM 11.12 for the 1st month, RM 13.90 thereafter.

Best Value

Annual Plan

RM 12.33/month

RM 9.87/month

Billed as RM 118.40 for the 1st year, RM 148 thereafter.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Letters

Heads-up on the enforcement of new cable colour code for electrical wiring
Building resilient digital ecosystems
Why cash should remain a payment option�
Resolving the land status of Tamil schools in Perak
How Malaysia is advancing climate action, energy security, and resilience
Philippines school shooting: When warning signs become tragedy
A turning point for safer commercial transport
Protect them before the damage becomes irreversible
Safer in nature with better trail management
From hotels to biohacking: A view of executive wellness

Others Also Read