After a recent slew of alleged data leaks involving millions of Malaysians and companies, all eyes are now on the MySejahtera application and whether our personal data will remain secure and safe.
Just yesterday (19 October), netizens took to social media to share that many had received unrequested OTP codes for registration with MySejahtera. They claimed that they had received the text message from the number 68088 between 12am and 6am.
The text message reads, “RM0 MySejahtera: Your OTP No. is (redacted) for MySejahtera check-in registration and will expire in five minutes.”
As the text messages came in the early hours of the morning, the incident sparked data security concerns as many users were worried whether or not the app was hacked and if their personal information was stolen or leaked.
To make matters worse, some users have also reportedly received spam and troll-like emails from the application’s helpdesk.
The email contained the user’s email and MySejahtera ID and was followed by the message, “You’ve tested positive for covid nahhh, joking. Plenty of exploits to show, Twitter search OTP. Regards, CPRC MOH.”
Meanwhile, some users have received other forms of spam emails. Lembah Pantai MP Fahmi Fadzil reported that he had been getting troll emails that involved some “rickrolling” from MySejahtera ever since early Sunday morning.
According to Berita Harian, the MySejahtera team at the Ministry of Health have since issued a statement that said no user data was compromised despite the incident involving text messages.
“The MySejahtera team conducted an investigation and found that the QR code registration function for use at business premises was abused by malicious scripts that sent OTPs to random phone numbers,” said the statement.
The statement assured MySejahtera users that their data was not accessed by the scripts and the issue will be fixed by tonight. They have yet to address the troll emails.
What do you think of this? Let us know in the comments.
Also read: SSM Data Listed Online For Sale By Same Seller Who Listed Leaked Data Of 4 Million Malaysians