PNG ICT Minister confirms citing of 150 nationals in leaked database
Papua New Guinea’s Minister for Information and Communication Technology, Hon. Timothy Masiu today informed that the Ministry is undertaking rapid vulnerability assessment on the leaked database, international media organizations claim is owned by Chinese data analytics company, Zhenhua Data.
My Department has managed to obtain parts of the leaked database and in the interest of national security, I have instructed for an assessment to be undertaken on all aspects of the database.
Minister Masiu said that the Department of Information & Communication Technology has spent the last 96 hours analysing the data so as to develop an understanding around the data collection sources, and the purpose of the database.
“At this stage, I can confirm the following facts:
- The leaked database contains data of 2.4 million individuals;
- The database contains a broad array of public and non-public data with classifications;
At this stage, and from what we are able to access, we can confirm that names of 150 Papua New Guinean’s have been cited and that:
- From the 150 people listed 63 of them are classified as active;
- From the 63 active profile 9 are female and 54 males;
- From the 63 profiles, 15 have been profiled with profile notes that cover their association to business or organisations as well as their Political or criminal briefs;
- 19 of the people listed in the exposed data are further classified under 5 categories (No Classification, Trafficking, Financial Crimes, Organised Crime and Corruption;
The exposed list contains general information about persons profiled under 3 categories
- Special Interest Person (SIP) – 19 Total Count;
- Politically Exposed Person (PEP) – 96 Total Count, and,
- Relative or Close Association (RCA) – 34 Total Count.
Minister Masiu confirmed that the 150 represent current number of Papua New Guineans identified and more is expected as this only represents 10-20 percent of the leaked database.
In terms of collection sources, I can confirm that data has most likely been obtained from public sources such as social media and websites. At face value, one could write this off as some sort of general data analytic activity however the types of data collected clearly indicates there is certain interest at play thus we will not rest until we confirm the organizations and the people and their intentions behind this data mining exercise and whether their actions are legitimate.
The Minister said his Department will complete its assessment and provide a report that he will refer to appropriate authorities.
One key takeaway from this experience is that, like other countries, we are reminded of our vulnerabilities and that as a Government, we will remain ever vigilant. In fact, as a Government, we endorsed strategic ICT policy and legislative reform last month in the form of the PNG Digital Transformation Policy.
Minister Masiu reaffirmed the importance of the proposed Public Sector Digital Transformation Bill 2020, and ongoing work on a data hosting and security regulation which are recommended by the Policy, amongst others.
Once the Bill is passed, the data hosting and associated security regulations will help us to ensure our people’s data collected by public bodies are secure and protected and this will also give us the capability of monitoring data breaches in the future.
The Minister reminded citizens to be ever vigilant online and also to be mindful of what is put out there especially on the social media. He urged people to check their social media privacy settings immediately to ensure that personal data is not exposed unnecessarily, to change email passwords regularly, and to not share passwords unless it is a legitimate requirement.
Approved for Release by
Ministry for Information & Communications Technology
Papua New Guinea
- PNG ICT Minister confirms citing of 150 nationals in leaked database - September 21, 2020