Indranee and SBQ should be educated on PDPC first, lah
Why want to unmask in the first place?
Flip Flop Roti Prata Mee Goreng.
Imagine if this "misunderstanding" was done by a PTE organisation. Can the CEO say sorry too?
How much will the penalties be?
"Section 48J(1) allows the PDPC to impose a financial penalty on an organisation who is found to have intentionally or negligently contravened its obligations under the PDPA. The maximum fine which can be imposed on an organisation is SGD1 million or 10% of that organisation's annual turnover, whichever is higher."
The only thing that has changed is that the Government has decided not to use masked NRIC numbers, she said.
------------------------------------------------------------------------------------------
Since when did the Govt used MASKED NRIC Numbers?
4 years ago for Passport application?
5 Years ago for A& E admissions?
6 Years ago when participants sign up for Skills Future Courses?
or 7 Years ago when people lodge police report?
Is PAP making me more confused now?
.
So confusing...
Normally you go hospital, clinic, they need IC for verification.
In Starhub, Banks every documentation need IC.
So now they tell us IC number can be expose to everyone? Haiz..
They better educate own Govt dept, MNC, and Loan Shark too. 🤣
PaP is blaming ACRA for the bad communication. But these are mere soldiers following orders and instructions given by the Top and executing it. Scapegoating to salvage the situation is showing no guilt nor remorse makes Christianity looks bad.
Knn ... The ministers never apply credit card and bank loans and accounts with their nric ?!
Yes many places ask to use NRIC to apply....eg bank: entering; army camp to visit son recruits: hospital staying clicnic vsit etc
(19-12-2024, 07:25 PM)Ola Wrote: [ -> ]The only thing that has changed is that the Government has decided not to use masked NRIC numbers, she said.
------------------------------------------------------------------------------------------
Since when did the Govt used MASKED NRIC Numbers?
4 years ago for Passport application?
5 Years ago for A& E admissions?
6 Years ago when participants sign up for Skills Future Courses?
or 7 Years ago when people lodge police report?
Is PAP making me more confused now?
I think we have the scammers and fraudsters to thank - These criminal organsations are master in finding any weakness in the identity system.
So the real horror story is in our digitally connected World, NOTHING about you is private nor confidential
Your NRIC, DOB, phone contact numbers, home & email address address are just few of the personal data that are alreadily on sales on the Dark Web.
So the Real Danger is not about keeping your Private data "private", but how to AUTHENTICATE the transaction when using YOUR ID.
https://www.resecurity.com/blog/article/...e-citizens
(20-12-2024, 01:06 PM)ysh02 Wrote: [ -> ]Yes many places ask to use NRIC to apply....eg bank: entering; army camp to visit son recruits: hospital staying clicnic vsit etc
Bolehland's VEP RFID tag registration also want all your personal data....
![[Image: 7ddb8c53dd15c76fb47176a65e35241225f0cd24...04d3?w=860]](https://cassette.sphdigital.com.sg/image/straitstimes/7ddb8c53dd15c76fb47176a65e35241225f0cd241dadd1f00b33a0e01c4504d3?w=860)
After 18 Years, SBQ still fail
Top in NUS 有屁用
Educate public by unmasking NRIC numbers is real STupidity
Here's a plan with a checklist template using ISO 27001:2017 to investigate the NRIC unmasking incident:
# Investigation Plan: NRIC Unmasking Incident
*Objective*
To investigate the NRIC unmasking incident and identify potential information security gaps and communication breakdowns.
*Scope*
The investigation will focus on the events leading up to the unmasking of NRIC numbers and the subsequent apology issued by ACRA and Minister Josephine Teo.
*Methodology*
1. Review of publicly available information and news articles.
2. Analysis of official statements and apologies issued by ACRA and Minister Josephine Teo.
3. Examination of relevant policies and procedures related to information security and data protection.
*Checklist Template (ISO 27001:2017)*
*Section 4: Context of the Organization*
1. Was there a clear understanding of the organization's information security risks and threats? (4.1)
2. Were stakeholders' needs and expectations identified and addressed? (4.2)
3. Was the scope of the information security management system clearly defined? (4.3)
*Section 5: Leadership*
1. Did top management demonstrate leadership and commitment to information security? (5.1)
2. Was an information security policy established, implemented, and maintained? (5.2)
3. Were responsibilities and authorities for information security clearly assigned? (5.3)
*Section 6: Planning*
1. Were information security risks identified and assessed? (6.1)
2. Were information security objectives and plans established and implemented? (6.2)
3. Were controls implemented to mitigate information security risks? (6.3)
*Section 7: Support*
1. Were resources necessary to establish, implement, and maintain the information security management system provided? (7.1)
2. Was competence of personnel and other stakeholders ensured? (7.2)
3. Was a communication process established and maintained? (7.3)
*Section 8: Operation*
1. Were processes planned, implemented, and controlled to meet information security objectives? (8.1)
2. Were controls implemented to ensure conformity to information security requirements? (8.2)
3. Was a process for managing change established and maintained? (8.3)
*Section 9: Performance Evaluation*
1. Was the organization's information security performance monitored, measured, analyzed, and evaluated? (9.1)
2. Were internal audits conducted to ensure conformity to the information security management system? (9.2)
3. Were management reviews conducted to ensure the information security management system was suitable, adequate, and effective? (9.3)
*Section 10: Improvement*
1. Were nonconformities and opportunities for improvement identified and addressed? (10.1)
2. Were corrective actions implemented to address nonconformities? (10.2)
3. Was the information security management system continually improved? (10.3)
*Findings and Recommendations*
Based on the investigation, identify potential information security gaps and communication breakdowns. Provide recommendations for improvement, including:
1. Enhancing information security policies and procedures.
2. Improving communication and stakeholder engagement.
3. Conducting regular risk assessments and audits.
4. Providing training and awareness programs for personnel.
*Conclusion*
The investigation highlights the importance of effective information security management and communication in preventing and responding to incidents like the NRIC unmasking. By identifying and addressing potential gaps and breakdowns, organizations can improve their overall information security posture and reduce the risk of similar incidents occurring in the future.
(19-12-2024, 07:32 PM)moonrab Wrote: [ -> ]So confusing...
Normally you go hospital, clinic, they need IC for verification.
In Starhub, Banks every documentation need IC.
So now they tell us IC number can be expose to everyone? Haiz..
They better educate own Govt dept, MNC, and Loan Shark too. 🤣
Heng ah! Ong ah! Huat ah!
![[Image: Screenshot-2025-01-31-16-10-04-42-6012fa...b265e7.jpg]](https://i.ibb.co/1YHjLqs9/Screenshot-2025-01-31-16-10-04-42-6012fa4d4ddec268fc5c7112cbb265e7.jpg)
Heng ah! Ong ah! Huat ah!
This time someone asked to apologise?
(20-12-2024, 02:13 PM)Manthink Wrote: [ -> ]I think we have the scammers and fraudsters to thank - These criminal organsations are master in finding any weakness in the identity system.
So the real horror story is in our digitally connected World, NOTHING about you is private nor confidential
Your NRIC, DOB, phone contact numbers, home & email address address are just few of the personal data that are alreadily on sales on the Dark Web.
So the Real Danger is not about keeping your Private data "private", but how to AUTHENTICATE the transaction when using YOUR ID.
https://www.resecurity.com/blog/article/...e-citizens
The idiotic SBQ should be sacked 5 YEARS ago
At least she must change the NRIC numbers of those "vulnerable"
due to AGED Mistakes but her bad attitude is Hack care
She should be on the way out
PDPC started in 2012
still need to educate public by unamsking our personal NRIC?
Can SBQ tell us, how many public must be educated?
Maybe 300 or 30,000? #%&&^@
(19-12-2024, 07:13 PM)Ola Wrote: [ -> ]Indranee and SBQ should be educated on PDPC first, lah
Why want to unmask in the first place?
Flip Flop Roti Prata Mee Goreng.
Why their faults become a burden to us?
