KUALA LUMPUR: The Malaysia Consumer Choice Center (MCCC) urges the Ministry of Health (MoH) to implement immediate security measures to prevent the continued theft of personal data from the MySejahtera application.
This follows the Auditor General's Report 2021 Series 2, which revealed that the super-admin account downloaded three million Malaysians' personal data in the MySejahtera application from October 28 to October 31, 2021.
MCCC representative Tarmizi Anuwar urged the MoH to improve security measures to ensure the safety of consumers and that such incidents do not happen again.
"The MoH needs to act immediately to tighten the data security management system and the MySejahtera application as recommended by the Auditor General's Report to prevent the intrusion of consumer data again.
"This is important to ensure that consumers are safe," he said in a statement today.
Based on the report, after one year and three months and several police reports being made, the government has yet to identify the data fields that have been downloaded and are still under investigation by the authorities.
"The MoH needs to immediately take this action because, after one year and three months, the ministry still does not know or identify the personal data fields that have been downloaded.
"This is very worrying because more than three million user data are at risk of being misused by those who have downloaded it," he added.
According to Tarmizi, the MoH also needs to take the questionnaire seriously conducted by the audit department regarding consumers' perceptions of the MySejahtera application.
Based on the survey, a total of 2,699 respondents, or 49.8 per cent, disagree that personal data is stored in the MySejahtera application database.
Only 1,168 responses, or 21.8 per cent, agreed, and the rest were neutral.
"Based on the survey conducted by the audit department, consumers are not confident about the level of security of the MySejahtera application and have concerns if irresponsible parties invade their information or personal data," he said.
"Although it has entered the endemic phase and this application is not used as before, the consumer's personal data is still stored in it.
"Therefore, the MoH needs to take immediate action and explain to the public the steps that will be taken to deal with this matter seriously and be responsible in ensuring that this won't happen again," Tarmizi said.