The Auditor General, Datuk Seri Nik Azman Nik Abdul Majid today showed the latest audit report on the MySejahtera application for 2021, and the application seems to have a very serious data leakage issue.
Chief among them is that the personal data of 3 million Malaysians was downloaded by a super-admin account in 2021. The Auditor General said that what is more worrying is that the data was downloaded using a different IP address, which gives cause for concern. because it is also likely to be downloaded from locations that should not have access to the database.
The report also said that since October 27 2021, there have been as many as 1.12 attacks (DDoS and so on) on the service, which once again raises concerns about the security of the application and also the data it contains.
MySejahtera
The accuracy of the data contained in the application also seems to be questioned, with the report saying that a total of 1657 people have more than one MySejahtera account. Another 1543 individuals are said to have two to seven MySejahtera accounts that also have active status, verified accounts and have also received vaccinations.
Not only that, a total of 28,753 individuals were reported to have been vaccinated at the Vaccine Distribution Center (PPV) which has been closed, adding to the confusion over the data loaded into the application.
Meanwhile, 12,275 vaccination records have been reported as incomplete and 70 accounts whose owners have died are still listed as active.
The Auditor General further said that the Malaysian Ministry of Health should do due diligence to ensure that the user data of the MySejahtera application is not only safe, but also accurate to avoid any mistakes that will harm all parties.