Minister for Information and Communication Technology, Timothy Masiu today confirmed that some 150 Papua New Guineans have been cited in the leaked database.
A report from ABC News, named Treasury Minister Ian Ling Stucky, Communications Minister, Timothy Masiu himself, and State Enterprise Minister Sasindran Muthuvel as some of those named in the document.
These ministers are some of many other politicians and Papua New Guineans whose data have been collected by the Chinese data analytics firm, Zhenhua Data.
Minister Masiu informed that the Ministry is undertaking rapid vulnerability assessment on the leaked database.
“My Department has managed to obtain parts of the leaked database and in the interest of national security, I have instructed for an assessment to be undertaken on all aspects of the database.”
He said the department has spent the last 96 hours analysing the data so as to develop an understanding around the data collection sources, and the purpose of the database.
And these are the facts the minister was able to confirm so far;
- The leaked database contains data of 2.4 million individuals;
- The database contains a broad array of public and non-public data with classifications;
“At this stage, and from what we are able to access, we can confirm that names of 150 Papua New Guinean’s have been cited and that:
- From the 150 people listed 63 of them are classified as active;
- From the 63 active profile 9 are female and 54 males;
- From the 63 profiles, 15 have been profiled with profile notes that cover their association to business or organisations as well as their Political or criminal briefs;
- 19 of the people listed in the exposed data are further classified under 5 categories (No Classification, Trafficking, Financial Crimes, Organised Crime and Corruption;
The exposed list contains general information about persons profiled under 3 categories
- Special Interest Person (SIP) – 19 Total Count;
- Politically Exposed Person (PEP) – 96 Total Count; and
- Relative or Close Association (RCA) – 34 Total Count.
Masiu said data was most likely obtained from public sources such as social media and websites.
“At face value, one could write this off as some sort of general data analytic activity however the types of data collected clearly indicates there is certainly interest at play thus we will not rest until we confirm the organizations and the people and their intentions behind this data-mining exercise and whether their actions are legitimate,” said Minister Masiu.
A complete report will be made available once the assessment is complete.
“One key takeaway from this experience is that, like other countries, we are reminded of our vulnerabilities and that as a Government, we will remain ever vigilant. In fact, as a Government, we endorsed strategic ICT policy and legislative reform last month in the form of the PNG Digital Transformation Policy.”
The Minister reminded citizens to be ever vigilant online and also to be mindful of what is put out there especially on social media. He urged people to check their social media privacy settings immediately to ensure that personal data is not exposed unnecessarily, to change email passwords regularly, and do not share passwords unless it is a legitimate requirement.
Meantime the database was leaked to American academic Christopher Balding, who was previously based in Shenzhen but has returned to the US because of security concerns. He shared the data with Internet 2.0 for recovery and analysis.
The findings were first published on Monday by a consortium of media outlets including the Australian Financial Review and the Daily Telegraph in the UK.
Balding described the breadth of the data as “staggering”. In a statement, Balding said the individual who provided the data had put themselves at risk but had “done an enormous service and is proof that many inside China are concerned about CCP [Chinese Communist party] authoritarianism and surveillance”.