SayaKenaHack.com only provides information, does not allow data download


PETALING JAYA: SayaKenaHack.com did not breach Section 130 of the Personal Data Protection Act 2010 (PDPA), says the Bar Council cyber law and information techno­logy committee.

The committee’s co-chairman Foong Cheng Leong said the website was merely a platform for users to check whether their personal data had been leaked or breached.

“Currently, the Malaysian Communications and Multimedia Commission (MCMC) is blocking the website for breaching Section 130 of the PDPA for unlawful collection of personal data.

“If the website allows people to download the personal data of others, then it will be a violation of PDPA.

“But it merely provides information on whether a user’s identity card number, or other form of personal data, has been breached.

“Therefore, the website did not violate the PDPA,” he said when contacted yesterday.

SayaKenaHack.com was created by IT expert Keith Rozario to help the public verify if they were part of a data breach that affected some 46.2 million mobile phone subscribers. He denied allegations that it was a phishing website to obtain MyKad numbers.

Foong said the onus was on MCMC to prove whether the website’s creator had been collecting the personal data of users.

“He may or may not have committed an offence, but MCMC has to prove it first,” he added.

Meanwhile, the Association of Banks in Malaysia (ABM) said the commercial banking industry takes a serious view of fraud prevention, and remains vigilant in managing risks relating to such acts.

ABM was addressing concerns regarding unscrupulous people exploiting the leaked personal data to apply for a credit card or bank loan.

An ABM representative said the association’s member banks have strengthened and intensified their identity verification procedures.

“Other specific precautionary measures may vary from bank to bank depending on their internal risk management requirements,” said the representative in an e-mail interview.

In a statement, Maxis Bhd urged its customers to exercise precaution and be on guard against scam e-mails and phone calls.

Similarly, Digi encouraged its customers to be mindful of potential risks of sharing or validating information from unverified sources.

On Oct 19, technology news portal lowyat.net reported that an individual had attempted to sell the information of the 46.2 million subscribers for an undisclosed amount of Bitcoin.

The data breach, said to be one of the largest ever in Malaysia, is believed to have happened in 2014.

Get 20% OFF The Star Digital Access

Monthly Plan

RM 13.90/month

RM 11.12/month

Billed as RM 11.12 for the 1st month, RM 13.90 thereafter.

Best Value

Annual Plan

RM 12.33/month

RM 9.87/month

Billed as RM 118.40 for the 1st year, RM 148 thereafter.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!
Courts & Crime , data breach , lowyat , telcos

Next In Nation

Johor polls: Don't split your votes, Kit Siang tells voters
BMW used by PM an existing govt asset, says Prime Minister's Department
Fahmi congratulates bowlers on historic world title triumph, ending Malaysia's 20-year wait
'I'm still Umno member': Puad Zarkarshi's son disappointed at being labelled 'spy'
Finance Ministry unveils 'MediAsas' health insurance, pilot to begin end of July
Johor polls: Political differences won’t hinder state-federal ties, says Onn Hafiz
Unfair, highly restrictive tax-exempt conditions imposed on TAR UMT, says MCA president
Singaporean 'stealing' RON95 viral video baits online outrage, that may have been the intention all along
TARC Education Foundation receives three-year tax exemption extension
Banting school stabbing suspect to be remanded on Tuesday

Others Also Read