The Ministry of Digital Affairs is to conduct a “resilience inspection” among government agencies that have authorization to access personal data after a data security loophole in the Ministry of Finance’s e-invoice platform was identified by a “white-hat hacker,” Minister of Digital Affairs Audrey Tang (唐鳳) said yesterday.
Tang was asked to brief lawmakers on the legislature’s Transportation Committee what the government would do to enhance information security among government agencies in light of the discovery, as well as a series of data security breaches in the private sector.
If exploited, the loophole would affect about 20 percent of businesses on the e-invoice platform that did not register using business certificate IDs issued by the Ministry of Economic Affairs, Ministry of Finance Fiscal Information Agency Director-General Chang Wen-hsi (張文熙) told the committee.
Photo: Reuters
“We are conducting a comprehensive inspection of these accounts. They would be required to change their passwords if the ones they have are vulnerable to data breaches,” Chang said.
The Ministry of Digital Affairs is also to inspect whether passwords set by government agencies are susceptible to malicious attacks, which was not previously a factor in data security inspections, Tang said.
A “zero trust” policy is to be implemented which requires government agencies to have a multilayered mechanism to protect information, she said, adding that the system must not be guarded by just one set of passwords.
“We will begin within one to two months a resilience inspection of common technical components used by government agencies that have authorization to access personal data. We will submit to the committee a report on the types of data security risks facing different agencies in three months,” Tang said.
A resilience inspection is similar to a fire safety inspection, where the management of a building might be asked to use fireproof materials at certain locations to prevent fire, she said.
SHOPEE SANCTION
In other developments, the Ministry of Digital Affairs is to issue an administrative sanction before the end of this month to Singapore-based e-commerce platform Shopee (蝦皮) following repeated personal data leaks, it said.
A report on a personal data leak at Eslite Bookstore would be published this week and an administrative sanction issued next week, Tang said.
While information security firms retained by Eslite Bookstore did not find problems with the company’s database, the ministry is examining whether the leak occurred at logistics operators or third-party payment platform operators working with the bookstore, she said.
The alleged data leak at the the nation’s largest bookstore was made public after Here I Stand Project deputy secretary-general Cynthia Yang (楊欣慈) on May 14 said she received a telephone call, with the caller claiming to be from Eslite’s marketing department and wanting to know what Yang thought about If China Attacks (阿共打來怎麼辦), a book she purchased online in February.
The caller told Yang they were seeking feedback from readers because the book has “sensitive and inappropriate” content, and said that Taiwan would never win a war against a military as powerful as China’s and should not expect the US to come to the rescue.
MISINFORMATION: The generated content tends to adopt China’s official stance, such as ‘Taiwan is currently governed by the Chinese central government,’ the NSB said Five China-developed artificial intelligence (AI) language models exhibit cybersecurity risks and content biases, an inspection conducted by the National Security Bureau (NSB) showed. The five AI tools are: DeepSeek, Doubao (豆包), Yiyan (文心一言), Tongyi (通義千問) and Yuanbao (騰訊元寶), the bureau said, advising people to remain vigilant to protect personal data privacy and corporate business secrets. The NSB said it, in accordance with the National Intelligence Services Act (國家情報工作法), has reviewed international cybersecurity reports and intelligence, and coordinated with the Ministry of Justice Investigation Bureau and the National Police Agency’s Criminal Investigation Bureau to conduct an inspection of China-made AI language
LIMITS: While China increases military pressure on Taiwan and expands its use of cognitive warfare, it is unwilling to target tech supply chains, the report said US and Taiwan military officials have warned that the Chinese People’s Liberation Army (PLA) could implement a blockade within “a matter of hours” and need only “minimal conversion time” prior to an attack on Taiwan, a report released on Tuesday by the US Senate’s China Economic and Security Review Commission said. “While there is no indication that China is planning an imminent attack, the United States and its allies and partners can no longer assume that a Taiwan contingency is a distant possibility for which they would have ample time to prepare,” it said. The commission made the comments in its annual
CHECKING BOUNDARIES: China wants to disrupt solidarity among democracies and test their red lines, but it is instead pushing nations to become more united, an expert said The US Department of State on Friday expressed deep concern over a Chinese public security agency’s investigation into Legislator Puma Shen (沈伯洋) for “secession.” “China’s actions threaten free speech and erode norms that have underpinned the cross-strait ‘status quo’ for decades,” a US Department of State spokesperson said. The Chongqing Municipal Public Security Bureau late last month listed Shen as “wanted” and launched an investigation into alleged “secession-related” criminal activities, including his founding of the Kuma Academy, a civil defense organization that prepares people for an invasion by China. The spokesperson said that the US was “deeply concerned” about the bureau investigating Shen
‘TROUBLEMAKER’: Most countries believe that it is China — rather than Taiwan — that is undermining regional peace and stability with its coercive tactics, the president said China should restrain itself and refrain from being a troublemaker that sabotages peace and stability in the Indo-Pacific region, President William Lai (賴清德) said yesterday. Lai made the remarks after China Coast Guard vessels sailed into disputed waters off the Senkaku Islands — known as the Diaoyutai Islands (釣魚台) in Taiwan — following a remark Japanese Prime Minister Sanae Takaichi made regarding Taiwan. Takaichi during a parliamentary session on Nov. 7 said that a “Taiwan contingency” involving a Chinese naval blockade could qualify as a “survival-threatening situation” for Japan, and trigger Tokyo’s deployment of its military for defense. Asked about the escalating tensions
RSS