The Ministry of Digital Affairs is to conduct a “resilience inspection” among government agencies that have authorization to access personal data after a data security loophole in the Ministry of Finance’s e-invoice platform was identified by a “white-hat hacker,” Minister of Digital Affairs Audrey Tang (唐鳳) said yesterday.
Tang was asked to brief lawmakers on the legislature’s Transportation Committee what the government would do to enhance information security among government agencies in light of the discovery, as well as a series of data security breaches in the private sector.
If exploited, the loophole would affect about 20 percent of businesses on the e-invoice platform that did not register using business certificate IDs issued by the Ministry of Economic Affairs, Ministry of Finance Fiscal Information Agency Director-General Chang Wen-hsi (張文熙) told the committee.
Photo: Reuters
“We are conducting a comprehensive inspection of these accounts. They would be required to change their passwords if the ones they have are vulnerable to data breaches,” Chang said.
The Ministry of Digital Affairs is also to inspect whether passwords set by government agencies are susceptible to malicious attacks, which was not previously a factor in data security inspections, Tang said.
A “zero trust” policy is to be implemented which requires government agencies to have a multilayered mechanism to protect information, she said, adding that the system must not be guarded by just one set of passwords.
“We will begin within one to two months a resilience inspection of common technical components used by government agencies that have authorization to access personal data. We will submit to the committee a report on the types of data security risks facing different agencies in three months,” Tang said.
A resilience inspection is similar to a fire safety inspection, where the management of a building might be asked to use fireproof materials at certain locations to prevent fire, she said.
SHOPEE SANCTION
In other developments, the Ministry of Digital Affairs is to issue an administrative sanction before the end of this month to Singapore-based e-commerce platform Shopee (蝦皮) following repeated personal data leaks, it said.
A report on a personal data leak at Eslite Bookstore would be published this week and an administrative sanction issued next week, Tang said.
While information security firms retained by Eslite Bookstore did not find problems with the company’s database, the ministry is examining whether the leak occurred at logistics operators or third-party payment platform operators working with the bookstore, she said.
The alleged data leak at the the nation’s largest bookstore was made public after Here I Stand Project deputy secretary-general Cynthia Yang (楊欣慈) on May 14 said she received a telephone call, with the caller claiming to be from Eslite’s marketing department and wanting to know what Yang thought about If China Attacks (阿共打來怎麼辦), a book she purchased online in February.
The caller told Yang they were seeking feedback from readers because the book has “sensitive and inappropriate” content, and said that Taiwan would never win a war against a military as powerful as China’s and should not expect the US to come to the rescue.
DETERRENCE: With 1,000 indigenous Hsiung Feng II and III missiles and 400 Harpoon missiles, the nation would boast the highest anti-ship missile density in the world With Taiwan wrapping up mass production of Hsiung Feng II and III missiles by December and an influx of Harpoon missiles from the US, Taiwan would have the highest density of anti-ship missiles in the world, a source said yesterday. Taiwan is to wrap up mass production of the indigenous anti-ship missiles by the end of year, as the Chungshan Institute of Science and Technology has been meeting production targets ahead of schedule, a defense official with knowledge of the matter said. Combined with the 400 Harpoon anti-ship missiles Taiwan expects to receive from the US by 2028, the nation would have
North Korea yesterday fired about 10 ballistic missiles to the sea toward Japan, the South Korean Joint Chiefs of Staff (JCS) said, days after Pyongyang warned of “terrible consequences” over ongoing South Korea-US military drills. Pyongyang recently dashed hopes of a diplomatic thaw with Seoul, Washington’s security ally, describing its latest peace efforts as a “clumsy, deceptive farce.” Seoul’s military detected “around 10 ballistic missiles launched from the Sunan area in North Korea toward the East Sea [Sea of Japan] at around 1:20pm,” JCS said in a statement, referring to South Korea’s name for the body of water. The missiles
‘UNWAVERING FRIENDSHIP’: A representative of a Japanese group that co-organized a memorial, said he hopes Japanese never forget Taiwan’s kindness President William Lai (賴清德) yesterday marked the 15th anniversary of the Tohoku earthquake and tsunami, urging continued cooperation between Taiwan and Japan on disaster prevention and humanitarian assistance. Lai wrote on social media that Taiwan and Japan have always helped each other in the aftermath of major disasters. The magnitude 9 earthquake struck northeastern Japan on March 11, 2011, triggering a massive tsunami that claimed more than 19,000 lives, according to data from Japanese authorities. Following the disaster, Taiwan donated more than US$240 million in aid, making it one of the largest contributors of financial assistance to Japan. In addition to cash donations and
North Korea tested nuclear-capable rocket launchers, state media reported yesterday, a day after Seoul detected the launch of about 10 ballistic missiles. The test comes after South Korean and US forces launched their springtime military drills, due to run until Thursday. North Korean leader Kim Jong-un on Saturday oversaw the testing of the multiple rocket launcher system (MRLS), the Korean Central News Agency (KCNA) said. The test involved 12 600mm-caliber ultra-precision multiple rocket launchers and two artillery companies, it said. Kim said the drill gave Pyongyang’s enemies, within the 420km striking range, a sense of “uneasiness” and “a deep understanding
RSS