MySejahtera: No breach in personal data despite users receiving unsolicited messages

The Ministry of Health (MoH) has reassured MySejahtera users that there has been no breach in data that caused random OTP SMS and emails to be sent to users.  

The spam messages were instead sent via API manipulation that’s related to MySejahtera’s Check-In feature.  

This feature allows businesses to generate QR codes for their establishments, but unknown parties had misused this feature to send OTP codes. 

mysejahtera rick roll

Image credit: Phakorn Kiong

The “Need Help” feature is also a culprit in allowing wrongdoers to send spam emails to other users. 

The MoH also noted in their press release that the MySejahtera app and website’s security has been heightened to prevent similar exploits in the software from appearing. 

Related posts

MediaTek Launches Dimensity 9400+ with Enhanced Agentic AI, Gaming Power, and Next-Gen Connectivity

U Mobile gets green light to rollout second 5G network

Apple thinks people won’t use MagSafe on iPhone 16e