THERE is an urgent need for a public update on the actions taken by the government regarding the data breach that hit online payment service provider iPay88 (M) Sdn Bhd, Lim Guan Eng said today.
The Bagan MP and DAP chairman said Communications and Multimedia Minister Annuar Musa had promised immediate action last month when the security breach occurred.
“To-date there is no progressive report on the probe carried out by the Malaysian Communications and Multimedia Commission (MCMC), the Personal Data Protection Department (PDPD), and CyberSecurity Malaysia (CSM).
“Since iPay88 had already confirmed that a cybersecurity incident had occurred that may have compromised consumer credit card data, Annuar should specify what action he or the above agencies had taken so far.
“This data breach involves a matter of national security of our country’s finances that warrants serious attention,” Lim said in a statement.
He added that Bank Negara on August 13 had “attempted to assure” the public that the nation’s payment system remained safe and secure despite the data breach seen with iPay88’s system.
However, he said, many bank depositors and customers were not reassured and remained nervous about the protection, security, and integrity of funds in their bank accounts.
Lim also urged for clarification on what Bank Negara meant when it said that the payment system remained secure as there were vulnerabilities in the banking system.
He said there were many reported cases by the public of sudden and unaccounted for disappearances of monies from their bank accounts.
“Even though Bank Negara pointed out that the data breach originated from and was confined to iPay88’s payment card systems, and did not involve vulnerabilities in the banks’ systems, many bank customers do not feel safe and secure about their funds deposited in banks.
“The time has come for Annuar and Bank Negara to uphold transparency and accountability by providing answers to ensure that the digitalisation of banking services is not jeopardised by the loss of public confidence following the data breach.”
Last month, iPay88 (M), a company that provided payment gateway services to banks and merchants, confirmed that customers’ card data might have been compromised after a cybersecurity incident.
The extent of bank customers’ critical financial data that had been potentially leaked from this breach was still unknown.
Bank Negara announced that it was commencing forensic investigations into the data breach but the outcome of these remained undisclosed. – September 5, 2022.
Comments