The Ministry of Digital Affairs is to conduct a “resilience inspection” among government agencies that have authorization to access personal data after a data security loophole in the Ministry of Finance’s e-invoice platform was identified by a “white-hat hacker,” Minister of Digital Affairs Audrey Tang (唐鳳) said yesterday.
Tang was asked to brief lawmakers on the legislature’s Transportation Committee what the government would do to enhance information security among government agencies in light of the discovery, as well as a series of data security breaches in the private sector.
If exploited, the loophole would affect about 20 percent of businesses on the e-invoice platform that did not register using business certificate IDs issued by the Ministry of Economic Affairs, Ministry of Finance Fiscal Information Agency Director-General Chang Wen-hsi (張文熙) told the committee.
Photo: Reuters
“We are conducting a comprehensive inspection of these accounts. They would be required to change their passwords if the ones they have are vulnerable to data breaches,” Chang said.
The Ministry of Digital Affairs is also to inspect whether passwords set by government agencies are susceptible to malicious attacks, which was not previously a factor in data security inspections, Tang said.
A “zero trust” policy is to be implemented which requires government agencies to have a multilayered mechanism to protect information, she said, adding that the system must not be guarded by just one set of passwords.
“We will begin within one to two months a resilience inspection of common technical components used by government agencies that have authorization to access personal data. We will submit to the committee a report on the types of data security risks facing different agencies in three months,” Tang said.
A resilience inspection is similar to a fire safety inspection, where the management of a building might be asked to use fireproof materials at certain locations to prevent fire, she said.
SHOPEE SANCTION
In other developments, the Ministry of Digital Affairs is to issue an administrative sanction before the end of this month to Singapore-based e-commerce platform Shopee (蝦皮) following repeated personal data leaks, it said.
A report on a personal data leak at Eslite Bookstore would be published this week and an administrative sanction issued next week, Tang said.
While information security firms retained by Eslite Bookstore did not find problems with the company’s database, the ministry is examining whether the leak occurred at logistics operators or third-party payment platform operators working with the bookstore, she said.
The alleged data leak at the the nation’s largest bookstore was made public after Here I Stand Project deputy secretary-general Cynthia Yang (楊欣慈) on May 14 said she received a telephone call, with the caller claiming to be from Eslite’s marketing department and wanting to know what Yang thought about If China Attacks (阿共打來怎麼辦), a book she purchased online in February.
The caller told Yang they were seeking feedback from readers because the book has “sensitive and inappropriate” content, and said that Taiwan would never win a war against a military as powerful as China’s and should not expect the US to come to the rescue.
Tropical Storm Usagi strengthened to a typhoon yesterday morning and remains on track to brush past southeastern Taiwan from tomorrow to Sunday, the Central Weather Administration (CWA) said yesterday. As of 2pm yesterday, the storm was approximately 950km east-southeast of Oluanpi (鵝鑾鼻), Taiwan proper’s southernmost point, the CWA said. It is expected to enter the Bashi Channel and then turn north, moving into waters southeast of Taiwan, it said. The agency said it could issue a sea warning in the early hours of today and a land warning in the afternoon. As of 2pm yesterday, the storm was moving at
DISCONTENT: The CCP finds positive content about the lives of the Chinese living in Taiwan threatening, as such video could upset people in China, an expert said Chinese spouses of Taiwanese who make videos about their lives in Taiwan have been facing online threats from people in China, a source said yesterday. Some young Chinese spouses of Taiwanese make videos about their lives in Taiwan, often speaking favorably about their living conditions in the nation compared with those in China, the source said. However, the videos have caught the attention of Chinese officials, causing the spouses to come under attack by Beijing’s cyberarmy, they said. “People have been messing with the YouTube channels of these Chinese spouses and have been harassing their family members back in China,”
The Central Weather Administration (CWA) yesterday said there are four weather systems in the western Pacific, with one likely to strengthen into a tropical storm and pose a threat to Taiwan. The nascent tropical storm would be named Usagi and would be the fourth storm in the western Pacific at the moment, along with Typhoon Yinxing and tropical storms Toraji and Manyi, the CWA said. It would be the first time that four tropical cyclones exist simultaneously in November, it added. Records from the meteorology agency showed that three tropical cyclones existed concurrently in January in 1968, 1991 and 1992.
GEOPOLITICAL CONCERNS: Foreign companies such as Nissan, Volkswagen and Konica Minolta have pulled back their operations in China this year Foreign companies pulled more money from China last quarter, a sign that some investors are still pessimistic even as Beijing rolls out stimulus measures aimed at stabilizing growth. China’s direct investment liabilities in its balance of payments dropped US$8.1 billion in the third quarter, data released by the Chinese State Administration of Foreign Exchange showed on Friday. The gauge, which measures foreign direct investment (FDI) in China, was down almost US$13 billion for the first nine months of the year. Foreign investment into China has slumped in the past three years after hitting a record in 2021, a casualty of geopolitical tensions,
RSS