Malaysia is reeling on the back of another series of personal data leak news, this time supposedly from one of the government agencies. In order to protect further exposure Bank Negara had stepped in and temporarily suspended access to Credit Control Reference Information System.
However, there should be no concern for users of CTOS, the credit reporting agency has confirmed that its data assets are secure. In efforts to allay fear and peace of mind, the company also announced that dark web monitoring through CTOS SecureID would be available free of charge for one month. They can use the service to check if they data is available on the dark web.
CTOS Group Chief Executive Officer, Dennis Martin said, “We would like to assure the public that as of now, there are no indications that our data assets have been breached. As Malaysia’s leading credit reporting agency, CTOS places paramount importance on cyber security risk and data breach protection, with all data and information in our possession protected with world-class certified data security technology.
“We have made and will continue to make significant investments to ensure that our IT and data security framework, policies, procedures, and systems are benchmarked against Bank Negara Malaysia’s Risk Mgmt in Technology (RMiT) standard and ISO27001, as well as other global standards.”
He went on to explain that as cyber-attacks were becoming more frequent and sophisticated, the company had also stepped up its proactive assessments and processes to protect the integrity of its data.
“Our systems are regularly subjected to comprehensive penetration tests, vulnerability assessment and audits by 3rd party IT security specialist firms to ensure its continued robustness. We are confident that we are well-positioned to defend our data assets against any potential cyber security attacks, which is further affirmed by the fact that there has been zero occurrences of any data breach since our inception in 1990,” he added.
Martin also clarified that Bank Negara Malaysia’s decision to temporarily suspend access to the Central Credit Reference Information System (“CCRIS”) service was applicable to all credit reporting agencies (CRAs), and not just to CTOS. The industry-wide move is a precautionary measure to further protect customers’ information.
He assured customers that it was working closely and expeditiously with the related regulators to closely monitor the situation, and was also conducting additional assessments to identify if further security measures were needed.
Malaysians are encouraged to use the free offer which will give immediate alerts in the event their data has been compromised.
