Miscellaneous

Is your personal information safe? Maybe not.

Usually, database of customers are guarded like gold by any company. Information on customers is jealously guarded by businesses as it is vital to have the upperhand from anybody who wants to venture into the same type of business as you do. Try getting your rival company’s information about their clients. It is nearly impossible.

Hence, people can make money out of it. Because, information is valuable. Information equals money.

But the storage of these information costs too much money. Some company branched out into other means of storing information. Some who had relied on huge warehouses, had resorted to data imaging. The initial outlay may be high but it uses less space.

Some may outsource entirely their document storage to third party. This will decrease storage cost but ultimately, security risks could be higher.

Permodalan Nasional Berhad once wanted to outsource its data imaging process to PERNEC back in 2004 but quickly discarded the idea when they realised that millions of its customers (all the ASB, ASD, ASN, ASW unitholders), or to be precise, the confidential records of its unitholders will be kept by a third party.

Now, they keep their records in their own facility they set up in Nilai, Negeri Sembilan.

They deemed it a threat to the financial security of its unitholders if the data is lost to irresponsible parties. People will pay a lot of money to mine data (data mining)  from anyone who is willing to sell it.

As they always say, information is power.

Why suddenly I write about this?

Because I was alarmed to know that our Lembaga Hasil Dalam Negeri, Kumpulan Simpanan Pekerja, Kementerian Kewangan, Bank Simpanan Nasional, Sime Darby etc, has been outsourcing their document management process to a privately owned company.

That means, all my income tax data and my EPF data are all in the hands of a third party. Certainly, when I engage the LHDN and EPF, I never made any agreement that all my information can be viewed upon by other parties.

Imagine all my tax details and my retirement funds being scrutinised by a third party which LHDN and EPF has no control of. How certain are these two database giants in knowing that their data bank will not be sold or viewed upon by interested people?

And this is just me.

I am sure the data of more influential people may fall into the wrong hands. We may have a serious national security breach here.

Imaging knowing the self worth, detailed addresses and next of kins’ detailed information of the Panglima Angkatan Tentera, the Inspector General of Police, the Chief Justice, or even Lim Kit Siang’s! This would be a security threat indeed!

Some random people might know where your loved ones are residing!

I am concern to note, after reading a few blogs that have highlighted this issue here and here, that the company that was given the contract might exposed itself to unscrupulous groups of people.

From the blogs linked above, it is allegedly being told that VPI International Sdn Bhd received nearly RM1 billion worth of contract from LHDN through the Ministry of Finance. Payments were made twice to the sum of RM400 million and RM500 million respectively.

That is a huge sum of money just to outsource data from LHDN.  Is it not?

If this is true, no surprises there. Because the company that was awarded the contract belonged to people closely associated with the former 2nd Finance Minister, Tan Sri Nor Mohamed Yakcop.

Corporate information of VPI International's parent company - Efficient E-Solutions Berhad

Obviously, money is of no concern to some people. If the alleged amount of RM1 billion is true then I am sure the contracts were overinflated as it does not make sense to award such high sum of money to a newly established group such as the one you see below (refer organisation chart below). Almost all of the companies in the group were established sometime around 2004 onwards.

Group

Which in the end, each person who has an account in LHDN and EPF have to ask this question; How confident are you with this group of companies in keeping your records? Do you trust these companies that have no track records whatsoever to hold your vital information?

Therefore, I urge the government or at least the Auditor General to review the processes involved when awarding the contracts to the companies above and importantly, the operational processes of these companies when managing our records.

The security risks must first be sought out and mitigated immediately.

17 thoughts on “Is your personal information safe? Maybe not.

  1. Jebat…….
    next march i will move to middle east, getting tired with<malay<islamic ,leader-
    hijrah demi agama…
    being work for National oil company for past 17 years- loyal?.. but see what our leader do with money produce by Petro….?

    keep fighting…. jebat ,x kan Melayu hilang diidunia

    Like

  2. Bro,

    Salam. There are actually many security breaches in the country and many more other major incompetence in the country. I put it down largely due to the lack of dedication, responsibility and commitment of those in power/responsibility. Many projects over the past many, many years have been handed down more on the premise of making quick and BIG profits and any benefit to the country is merely expedient – if that can be avoided, I believe that will also be done!

    There has been no check and balances for years because of several complex factors, the basic being the “feudalistic” relationship between the Government and the people.
    I hope this is changing. The moment man worships man in any form, that will be disastrous for the general well-being.

    Salam.

    JMD : Thank you all for the comments so far.

    Like

  3. jmd,
    looks like a very good business module to me. in this day and age, there are too many junks to be stored for the ‘just-in-case’ moments. and this kind of service provider really help to store those piles of headaches away, at least until you next need them.

    also, apart from the govt, the banks and other institutions too are using this service too store and manage their data whether in soft or hard copy.

    i agree with you on a proper audit on the operational processes of these companies. i just hope that the govt has enough check and balances and a proper system to ensure information stored are safe and secure.

    regards

    Like

  4. hancus……

    one way to ensure the data security is that

    the outsource partner only provides the application which access the data from a remote server under full control of the government institutions said above…

    Access to the database can be restricted technologically

    during migration of the database it must be done under the strictest security conditions….

    one simple method is the name and ID of the data entity is stored in a separate DB but the rest of the historical data on the transactional etc can be with the vendor…

    Only the Gov has the “encryption” key that can read the data….

    make sure that goes into the proposal…

    kali dey wea my 10%

    Like

  5. hmmmm….

    Do you think Najib, Hishamuddin suffer identity theft? Why they are so timid but very quick to take action on Tasyrif, the Kepala Lembu group? The stray dogs and pigs done a lot more worse than Tasyrif/Kepala Lembu group, yet Najib & Hishamuddin do nothing!

    Remember Theresa C**k? Remember that stupid blod sandjstream? Remember Chin Peng sympathizers? Remember that? remember those? all those countless blatant seditious remarks over the net?

    hmmm…

    Maybe not. Najib & Hishamuddin are their own selves I supposed.

    HIDUP PERKASA !!! UMNO can step aside and hide in the closet!

    Like

  6. Well done. This type of exposure will make Jebats happy. Unfortunately, we will never really know due to OSA.
    As for chin peng, let the almighty judge him. For who are we to be the judge.
    But we are required to keep our word. And if the peace agreement states that all CPM members are allowed to return, then we should honour it. If we had intention not to honour it, then why sign the agreement in the first place? If we cannot honour agrrement between men, how are we to honour our pledges to “The God”.

    2:175 These are the ones who have purchased straying with guidance, and retribution for forgiveness; they have no patience towards the Fire.

    Like

    • It’s the people’s sentiment that matter. Our elders and families who had gone through it will never forgive for what they did. And I will pass the story to my grandchildren how this land was once blood stained and raped by Ching Peng’s men. I pray CP would die abroad and regret on his last breath for not to be able to live his last moment on earth on the land that could gave offered him a blessed life had he not gone down the path he had himself chose. He is not wanted here, other than by the wish of liberal young idealists and opportunist politicians.

      sorry for the digress, jmd. i just had to respond to this spammer lobbyist.

      Like

  7. Ill-innformed about the technicalities of many things, I can only comment on the macro aspect of your post.

    Why the hell is TS Nor Mohamed Yakcop’s name often associated with irregularities in the award of contracts and projects? I have seen so many accusations against him in other blogs like BigDog.com yet he appears nonchalant, hardly ever reacting, including the privatisation of the Kuala Lumpur Hospital and its huge land assets. Those accusations occured even during the previous administration. Why the hell was he included in the current administration? Now his name is linked to those cronies and goons of the flip-flopping, auto-piloting and sleepy-on-the-job PM.

    Doesn’t anyone in the current administration bother about such irregularities? Was DS Najib merely “melepaskan batuk ditangga” when he started to do something about money politics in UMNO? Why is he not taking action on the corruption big fish(es). Is it that people living in glass houses don’t throw stones at one another?

    Like

  8. Salam JMD,

    At the moment, membership cards such as bonuslink, real rewards, supermarket cards, etc and communication companies, credit card issuers, etc are also getting our info and who’s to say that they don’t loan it (for a fee) to other parties or between them?

    I heard rumours …

    Anyway, have you ever received calls to subscribe to some resort discount club or something that says they are offering the membership to you because you are a loyal credit card user of … ?

    Our info are for sale now.

    Like

  9. bro..celcom is also outsourcing the printing of bills..but maybe the husbands who called their mistresses regularly whom wives are working with the outsourcing company would be troubled by this fact. feel free to correct me if i’m wrong.

    btw..imho..what should have been done is partial outsourcing. not total outsourcing. especially for the agencies working with sensitive data.total outsourcing is not the solution for every scenario.

    what i meant by partial outsourcing is that LHDN or whatever agencies holding vital information should engage with a contractor that is going to provide them with the system and inftastructure e.g. document management system and a data warehousing centre..conduct the knowledge transfer to internal staffs..do change management process and what not..and then let LHDN employees do the whole process..TRANSFER of KNOWLEDGE is the key.you get the best systems. you get the best infrastructures. but you let your own team do the work.this concept has been adopted in the US for the facility management industry.holistic approach is vital.making business demands u make money, warranted, but can a particular contractor provides a solution with the intention of giving the best service to the customer and not screwing the hapless fella all the time?u tell me🙂

    remember that in today’s IT world, nothing is 100% guaranteed..but by having this kind of operation will definitely decrease the percentage of security breaching issues. atleast u know it’s done by the insider..and you can haul his/her ass to court.heheh.

    thank you jmd. have a nice day.

    Like

  10. Income Tax, EPF, Sime etc clearly have more than sufficient money to develope their own data storage and document security systems. Even if it is a little more expensive that costs quoted by outsource outfits, data privacy and national security issues demand that these be handled internally.

    I don’t trust Mod Nor Yapcop any further tha I can throw him. This was the man directly reponsible for at least RM12 billion of Bank Negara’s forex losses (some put the estimates at 30 billion) in the ’90’s and blatantly lied to the nation just before GE 2008 that our GDP had grown by 40% in 4 years!!??

    It looks to me like many in UMNO/BN are landind cushy gaji buta sweetheart deals for their relatives and croneys so that when there are booted out at GE 2013 they will land plush Chairmanship posts!!

    dpp
    We are all of 1 race, the Human Race

    Like

  11. JMD,

    Pak Kadiaq mention the same thing how he was offered a place at a local university via sms. Where they get the info? didn’t even bother to verify how old he is to ensure offering to right candidate.

    spamming jual ringtone by the mobile operator hari hari tak larat nak delete….

    no, i dont trust outsourcing in malaysia….org kita have no respect for privacy. bebudak datang buat aprentis atau praktikal semua i make them sign non dislcosure agreement. dia orang lagi tak dak otak tak tahu discriminate what is private n confidential…habis dia blog…i dah terkena sekali….cukup!

    EPF kita pun I tak trust to manage it well. my brother who works there kekadang mengeluh nak tahan penyelewengan. that is why i no longer contribute and manage my own retirement money/investment…

    that says a lot the said sad of affairs of our financial system doesn’t it? on top of the stupid fiat money that is slowly being debased by inflation…in all honesty, i have low trust on our leaders…they are selling us to the sharks and only take care of their own stomach. practically screwed all malaysians at every aspect…you name it and they are all there….

    selagi our leaders tak balik kepada landasan taqwa i dont see how our future malay islamic generations can prosper…

    agaknya nak tunggu bala’ turun baru sedar diri..

    keturunan jebat

    Like

  12. Dear Jebatmustdie,

    This is very bad (the outsourcing). I used to be an auditor. If I ever have to audit these agencies, their core responsibility of upholding public trust is already at the top of the audit risk list. For all you know, ‘Outsourcing’ is just another concept created by the Protocols of the Elders of Zion to control one of the important elements of mankind civilisations, ie communication.

    They have created other concepts which was used as tools to control the world, example, the creation of “second hand market” which was used by them to distort current (at that time that is) economy that was directly derived from industrial supply and demand mechanism particularly during the industrial revolution era.

    Second hand market had the power to destroy the production side of the chain. There are a lot of other concepts. To name a few: Globalisation, Freedom of Speech, Communism, Free Market, Level Playing Field, etc. The list is so long. You’ll have to read a book that compiles Henry Ford’s articles on all the agendas of this old protocol – which aims to control the 3 most significant areas: COMMUNICATION, FINANCIAL & POLITICS

    Link to Henry Ford’s published work: http://books.google.com.my/books?id=cNsfsqyxDl8C&printsec=frontcover&dq=henry+ford+international+jew&cd=1#v=onepage&q=&f=false

    Link to the secret document unleashed to the public by Henry Ford: http://books.google.com.my/books?id=KhyUmKYIv3UC&printsec=frontcover&dq=the+protocols+of+the+elders+of+zion&cd=5#v=onepage&q=&f=false

    * kopihangtuah

    .

    Like

  13. when you subscribe to western style of business, this is what gonna happen, outsourcing and what shit naught. All I guess is in the name of cost cutting, money money money…. why cant the respective establishment handle their own database.
    Sometimes maybe the top management is ok, but those staffs who have access to the data is what worrying.
    I’ve been receiving those random calls for quite sometime now, insurance, holiday packages bla bla bla… i just wonder how the hell they get my contact numbers… and in some way they seem to know whether i can afford what they are offering….😐

    Like

Astound us with your intelligence!

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s