The only way for hackers to decrypt data would be to use the same process as the encryption method
By LYDIA NATHAN / Graphic By TMR
In TODAY’S age of widespread connectivity, the risks of data falling into the wrong hands are becoming a major problem.
LGMS Services Sdn Bhd CEO Fong Choong Fook said one of the ways to deter hackers from stealing important information today is by encrypting your data.
He said the only way for hackers to decrypt data would be to use the same process as the encryption method.
However, most Malaysian companies as well as businesses fail do so which makes them perfect targets for hackers.
“It will be impossible to open or even view the data if it is encrypted. Unfortunately, not many people do that these days,” he told The Malaysian Reserve in a telephone interview yesterday.
The recent report by popular Internet forum Lowyat.net that exposed the leakage of over 220,000 organ donor information on Tuesday clearly proves this.
According to the report, in September 2016 details of pledged organ donors which contained not only personal details of the donors but also the yearly breakdown of every organ pledger’s demographic data broken down by sex, race, state of origin, types of organs as well as age group were leaked.
Fong said there is no concrete evidence at the moment to conclude if the database was hacked or if it was copied and distributed by internal staff.
“From what I have observed, the developer made a huge mistake by not encrypting the data first before storing it into the database,” he said, adding that LGMS can only confirm what actually took place once Fong and his team has seen the logs.
“The data files were kept in excel form and were exported out in the same form, so the likelihood that they were encrypted is very low,” he said.
According to the Lowyat.net forum, the fields were similar to the online sign-up form found at http://dermaorgan. gov.my. It also contained data sign up form from government hospitals as well as National Transplant Resource Centres across the country.
People only begin to realise the damage this breach can do after seeing details of their personal information as well as the details of their next-of-kin nominations elsewhere online.
Ranield Ashikata, a Facebook user from Perlis, said he was appalled by this breach, “organ donors should be praised for helping others, even in the afterlife and not targeted for doing something noble.”
Another user who wanted to be known as Cheah Chuan said although the telco breach saw a larger amount of information leaked, he felt that this is a problem to be taken more seriously.
“This is no joke. Even organ donors are not safe. Someone must be punished for this,” he said in the forum discussion.
The forum also pointed out that this issue might deter people from signing up to donate organs in the future, and this will impact the medical field along with patients that could have their lives saved by these organs.
The Ministry of Communications and Multimedia (MCMC) meanwhile urged all companies and any form of authority that manages personal and corporate information to immediately work on strengthening and tightening its security and protection measures against hackers.
MCMC Datuk Seri Dr Salleh Said Keruak said hackers convicted will face the full force of the law. “The Data Privacy Protection Department is working together with the Royal Malaysia Police right now and the Personal Data Protection Commissioner will issue a statement once the investigation is over,” he said in a statement released yesterday.