The Ministry of Digital Affairs is to conduct a “resilience inspection” among government agencies that have authorization to access personal data after a data security loophole in the Ministry of Finance’s e-invoice platform was identified by a “white-hat hacker,” Minister of Digital Affairs Audrey Tang (唐鳳) said yesterday.
Tang was asked to brief lawmakers on the legislature’s Transportation Committee what the government would do to enhance information security among government agencies in light of the discovery, as well as a series of data security breaches in the private sector.
If exploited, the loophole would affect about 20 percent of businesses on the e-invoice platform that did not register using business certificate IDs issued by the Ministry of Economic Affairs, Ministry of Finance Fiscal Information Agency Director-General Chang Wen-hsi (張文熙) told the committee.
Photo: Reuters
“We are conducting a comprehensive inspection of these accounts. They would be required to change their passwords if the ones they have are vulnerable to data breaches,” Chang said.
The Ministry of Digital Affairs is also to inspect whether passwords set by government agencies are susceptible to malicious attacks, which was not previously a factor in data security inspections, Tang said.
A “zero trust” policy is to be implemented which requires government agencies to have a multilayered mechanism to protect information, she said, adding that the system must not be guarded by just one set of passwords.
“We will begin within one to two months a resilience inspection of common technical components used by government agencies that have authorization to access personal data. We will submit to the committee a report on the types of data security risks facing different agencies in three months,” Tang said.
A resilience inspection is similar to a fire safety inspection, where the management of a building might be asked to use fireproof materials at certain locations to prevent fire, she said.
SHOPEE SANCTION
In other developments, the Ministry of Digital Affairs is to issue an administrative sanction before the end of this month to Singapore-based e-commerce platform Shopee (蝦皮) following repeated personal data leaks, it said.
A report on a personal data leak at Eslite Bookstore would be published this week and an administrative sanction issued next week, Tang said.
While information security firms retained by Eslite Bookstore did not find problems with the company’s database, the ministry is examining whether the leak occurred at logistics operators or third-party payment platform operators working with the bookstore, she said.
The alleged data leak at the the nation’s largest bookstore was made public after Here I Stand Project deputy secretary-general Cynthia Yang (楊欣慈) on May 14 said she received a telephone call, with the caller claiming to be from Eslite’s marketing department and wanting to know what Yang thought about If China Attacks (阿共打來怎麼辦), a book she purchased online in February.
The caller told Yang they were seeking feedback from readers because the book has “sensitive and inappropriate” content, and said that Taiwan would never win a war against a military as powerful as China’s and should not expect the US to come to the rescue.
STILL COMMITTED: The US opposes any forced change to the ‘status quo’ in the Strait, but also does not seek conflict, US Secretary of State Marco Rubio said US President Donald Trump’s administration released US$5.3 billion in previously frozen foreign aid, including US$870 million in security exemptions for programs in Taiwan, a list of exemptions reviewed by Reuters showed. Trump ordered a 90-day pause on foreign aid shortly after taking office on Jan. 20, halting funding for everything from programs that fight starvation and deadly diseases to providing shelters for millions of displaced people across the globe. US Secretary of State Marco Rubio, who has said that all foreign assistance must align with Trump’s “America First” priorities, issued waivers late last month on military aid to Israel and Egypt, the
France’s nuclear-powered aircraft carrier and accompanying warships were in the Philippines yesterday after holding combat drills with Philippine forces in the disputed South China Sea in a show of firepower that would likely antagonize China. The Charles de Gaulle on Friday docked at Subic Bay, a former US naval base northwest of Manila, for a break after more than two months of deployment in the Indo-Pacific region. The French carrier engaged with security allies for contingency readiness and to promote regional security, including with Philippine forces, navy ships and fighter jets. They held anti-submarine warfare drills and aerial combat training on Friday in
COMBAT READINESS: The military is reviewing weaponry, personnel resources, and mobilization and recovery forces to adjust defense strategies, the defense minister said The military has released a photograph of Minister of National Defense Wellington Koo (顧立雄) appearing to sit beside a US general during the annual Han Kuang military exercises on Friday last week in a historic first. In the photo, Koo, who was presiding over the drills with high-level officers, appears to be sitting next to US Marine Corps Major General Jay Bargeron, the director of strategic planning and policy of the US Indo-Pacific Command, although only Bargeron’s name tag is visible in the seat as “J5 Maj General.” It is the first time the military has released a photo of an active
CHANGE OF MIND: The Chinese crew at first showed a willingness to cooperate, but later regretted that when the ship arrived at the port and refused to enter Togolese Republic-registered Chinese freighter Hong Tai (宏泰號) and its crew have been detained on suspicion of deliberately damaging a submarine cable connecting Taiwan proper and Penghu County, the Coast Guard Administration said in a statement yesterday. The case would be subject to a “national security-level investigation” by the Tainan District Prosecutors’ Office, it added. The administration said that it had been monitoring the ship since 7:10pm on Saturday when it appeared to be loitering in waters about 6 nautical miles (11km) northwest of Tainan’s Chiang Chun Fishing Port, adding that the ship’s location was about 0.5 nautical miles north of the No.
RSS