The Department of Personal Data Protection (PDP), Ministry of Communications and Digital (KKD) takes seriously the alleged incident of hacking of the Misi Rakyat website belonging to Bangsa Bertauhid Sdn. Bhd. which was uploaded by a hacker in the BreachForums website and Telegram application on July 3 and 4, 2023.
Following the allegation, PDP received a report of the Misi Rakyat website data leakage incident from MyCERT, CyberSecurity Malaysia (CSM) on 4 July 2023.
On the same day, JPDP contacted the company Bangsa Bertauhid Sdn. Bhd. to obtain confirmation regarding the incident and sample data involved. JPDP has also ordered the company to conduct an internal investigation and complete a Data Leakage Notification (DBN) form.
JPDP has started an investigation into this incident after receiving the DBN form from Bangsa Bertauhid Sdn. Bhd. on July 10, 2023.
The founder of the Misi Rakyat website has also been summoned to attend the JPDP for the procedure of recording the conversation on July 13, 2023.
JPDP is working with CSM to carry out further investigations into this incident to identify if there is any breach under the Personal Data Protection Act 2010 [Act 709].
JPDP urges all companies and organizations that process personal data in commercial transactions to comply with the Principles, Regulations and Standards of Personal Data Protection under Act 709.
Companies and organizations are also reminded to be more careful when processing personal data to avoid personal data leakage incidents.
