The Ministry of Digital Affairs is to conduct a “resilience inspection” among government agencies that have authorization to access personal data after a data security loophole in the Ministry of Finance’s e-invoice platform was identified by a “white-hat hacker,” Minister of Digital Affairs Audrey Tang (唐鳳) said yesterday.
Tang was asked to brief lawmakers on the legislature’s Transportation Committee what the government would do to enhance information security among government agencies in light of the discovery, as well as a series of data security breaches in the private sector.
If exploited, the loophole would affect about 20 percent of businesses on the e-invoice platform that did not register using business certificate IDs issued by the Ministry of Economic Affairs, Ministry of Finance Fiscal Information Agency Director-General Chang Wen-hsi (張文熙) told the committee.
Photo: Reuters
“We are conducting a comprehensive inspection of these accounts. They would be required to change their passwords if the ones they have are vulnerable to data breaches,” Chang said.
The Ministry of Digital Affairs is also to inspect whether passwords set by government agencies are susceptible to malicious attacks, which was not previously a factor in data security inspections, Tang said.
A “zero trust” policy is to be implemented which requires government agencies to have a multilayered mechanism to protect information, she said, adding that the system must not be guarded by just one set of passwords.
“We will begin within one to two months a resilience inspection of common technical components used by government agencies that have authorization to access personal data. We will submit to the committee a report on the types of data security risks facing different agencies in three months,” Tang said.
A resilience inspection is similar to a fire safety inspection, where the management of a building might be asked to use fireproof materials at certain locations to prevent fire, she said.
SHOPEE SANCTION
In other developments, the Ministry of Digital Affairs is to issue an administrative sanction before the end of this month to Singapore-based e-commerce platform Shopee (蝦皮) following repeated personal data leaks, it said.
A report on a personal data leak at Eslite Bookstore would be published this week and an administrative sanction issued next week, Tang said.
While information security firms retained by Eslite Bookstore did not find problems with the company’s database, the ministry is examining whether the leak occurred at logistics operators or third-party payment platform operators working with the bookstore, she said.
The alleged data leak at the the nation’s largest bookstore was made public after Here I Stand Project deputy secretary-general Cynthia Yang (楊欣慈) on May 14 said she received a telephone call, with the caller claiming to be from Eslite’s marketing department and wanting to know what Yang thought about If China Attacks (阿共打來怎麼辦), a book she purchased online in February.
The caller told Yang they were seeking feedback from readers because the book has “sensitive and inappropriate” content, and said that Taiwan would never win a war against a military as powerful as China’s and should not expect the US to come to the rescue.
Japan has deployed long-range missiles in a southwestern region near China, the Japanese defense minister said yesterday, at a time when ties with Beijing are at their lowest in recent years. The missiles were installed in Kumamoto in the southern region of Kyushu, as Japan is attempting to shore up its military capacity as China steps up naval activity in the East China Sea. “Standoff defense capabilities enable us to counter the threat of enemy forces attempting to invade our country ... while ensuring the safety of our personnel,” Japanese Minister of Defense Shinjiro Koizumi said. “This is an extremely important initiative for
MORE POPULAR: Taiwan Pass sales increased by 59 percent during the first quarter compared with the same period last year, the Tourism Administration said The Tourism Administration yesterday said that it has streamlined the Taiwan Pass, with two versions available for purchase beginning today. The tourism agency has made the pass available to international tourists since 2024, allowing them to access the high-speed rail, Taiwan Railway Corp services, four MRT systems and four Taiwan Tourist Shuttles. Previously, five types of Taiwan Pass were available, but some tourists have said that the offerings were too complicated. The agency said only two types of Taiwan Pass would be available, starting from a three-day pass with the high-speed rail and a three-day pass with Taiwan Railway Corp. The former costs NT$2,800
NEW LOW: The council in 2024 based predictions on a pessimistic estimate for the nation’s total fertility rate of 0.84, but last year that rate was 0.69, 17 percent lower An expected National Development Council (NDC) report expects the nation’s population to drop below 12 million by 2065, with the old-age dependency ratio to top 100 percent sooner than 2070, sources said yesterday. The council is slated to release its latest population projections in August, using an ultra-low fertility model, the sources said. The previous report projected that Taiwan’s population would fall to 14.37 million by 2070, but based on a new estimate of the total fertility rate (TFR) — the average number of children born to a woman over her lifetime — the population is expected to reach 12 million by
COUNTERING HOSTILITY: The draft bill would require the US to increase diplomatic pressure on China and would impose sanctions on those who sabotage undersea cable networks US lawmakers on Thursday introduced a bipartisan bill to bolster the resilience of Taiwan’s submarine cables to counter China’s hostile activities. The proposal, titled the critical undersea infrastructure resilience initiative act, was cosponsored by Republican representatives Mike Lawler and Greg Stanton, and Democratic Representative Dave Min. US Senators John Curtis and Jacky Rosen also introduced a companion bill in the US Senate, which has passed markup at the chamber’s Committee on Foreign Relations. The House’s version of the bill would prioritize the deployment of sensors to detect disruptions or potential sabotage in real-time and enhance early warning capabilities through global intelligence sharing frameworks,
RSS