‘No breach on MySejahtera’

All’s good: The Health Ministry carried out an investigation and has found no leak of the MySejahtera database. — IZZRAFIQ ALIAS/The Star

PETALING JAYA: There was no data leak involving MySejahtera users, says the Health Ministry.

The ministry said this after it carried out an investigation following complaints and reports of unsolicited one-time password (OTP) text messages and spam email from the Covid-19 app’s helpdesk.

It said initial investigations by the Malaysian National Cyber Security Agency (Nacsa) showed the OTP messages and spam emails were sent out by misusing the app’s application programming interface (API).

“There was no leak of the MySejahtera database,” the ministry said in a statement.

Earlier, the MySejahtera team said the unsolicited OTP messages were sent to verify random users’ phone numbers for check-in QR registration, which is meant for business premises, public transport operators and others to get a QR code to be used for MySejahtera check-ins.

The ministry said irresponsible parties had randomly entered mobile numbers and email addresses into the registration field on the MySejahtera website.

“If such an email or mobile phone number is valid, MySejahtera will send out an OTP to confirm the registration,” it said.

On the spam email, the ministry said the “Need Help?” function had been misused to send out spam to random email addresses.

It added that the MySejahtera team apologised for the inconvenience and had since blocked MySejahtera’s API endpoints to facilitate a security enhancement fix.

An API refers to the coding platform that allows two software programmes to communicate.

An API endpoint is where it connects with the software programme.

APIs work by sending information requests from a web application or server and by receiving a response.

The MySejahtera app and website were jointly managed by the ministry and the National Security Council.

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 46
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights

Next In Nation

Tanker lorry driver cheats death as vehicle catches fire
MIC Youth deputy chief denies unzipping pants during argument, lodges police report
Clinical trials for two locally-produced vaccines will be conducted, says Dr Adham
VTL will aid economic recovery, boost bilateral ties, says Dr Wee
I'm the one who introduced Guan Eng to Consortium Zenith exec director, Nazri tells court
Ismail Sabri describes first official visit to Singapore a success after launch of VTL
M'sia Cup final: 1,500 police personnel to be on duty
Petronas marks 18-year journey in China
Army arrests 45 illegal Indonesian immigrants in Teluk Punggai
Metal theft: Man arrested, tests positive for morphine

Others Also Read