KUALA LUMPUR: All agencies using the MyIdentity data have been instructed to implement stricter safety measures to data leaks, says Datuk Seri Hamzah Zainudin.
The Home Minister, who ruled out any leak coming from the National Registration Department (NRD), said it was important for stricter measures to be implemented.
"So far 104 agencies are permitted to use the MyIdentity data but the ones who really used it are about 100.
"We will reduce the number of agencies from time to time by introducing certain benchmarks and requirements that they have to meet," he told a press conference in Bukit Aman on Wednesday (Sept 29).
Hamzah said the ministry would ensure agencies using MyIdentity data take fast and stricter actions in implementing security measures to prevent leaks.
"We will start from now on briefing all users of the data on what they are supposed to do," he said.
Hamzah said an internal investigation had been conducted at the NRD and they did not discover any leaks.
He advised the public not to speculate and let the police conduct its investigation.
It was alleged that the MyIdentity data had been leaked from the Inland Revenue Board (LHDN) and was now being sold online.
The leak was first made public on Twitter by Adnan Mohd Shukor, an intrusion analyst, who shared a screenshot of the database being sold online for 0.2 Bitcoins (RM35,950).
The 31.8GB file purportedly contains names, email addresses, mobile numbers and addresses grouped by birth year from 1979 to 1998.
It was claimed that the data was harvested from the NRD through the MyIdentity application programming interface (API).
MyIdentity is a centralised data-sharing platform that is used by various government agencies.
However, the MyIdentity website – which was set up in 2012 – is no longer accessible.
The Inland Revenue Board (IRB) has denied an online report claiming that the data leak originates from its website through the MyIdentity API.