The Jamaica Gleaner published an article on February 23, 2021, about JAMCOVID being under more scrutiny as a second data breach was flagged. Here’s a summary:
- The Office of the Prime Minister has come under more scrutiny over questions surrounding whether officials there had flagged problems with the JAMCOVID applications months ago before exposure of thousands of travellers’ personal data online.
- The focus comes after the second security failure of the $57 million application whose core parts were built in three days and gifted freely to the Government.
- The Amber Group has disclosed that it was confident that the first issue of 425,000 immigration records that were left without password protection on a government server on Amazon Web Services was an “isolated occurrence”.
- The minister without portfolio in the Ministry of National Security, Matthew Samuda, stated just under 700 persons were affected.
- TechCrunch, an online US newspaper reported that Amber fixed a “security lapse” that exposed the private keys and passwords for JAMCOVID, which is used to process travellers’ information.
- The investigation called into question where Amber claimed it matched the findings of a “leading” international cybersecurity provider that there are no vulnerabilities that could lead to any exposure or breach. The CEO of eGov was unable to respond and stated that typically communications would have to be had with their parent ministry or, in this case, the Office of the Prime Minister.
- The Major Organised Crime and Anti-Corruption Agency, the Cyber Incident Response Team of eGov, and the police cybercrimes unit are investigating what the Government calls an “alleged breach”.
Source: jamaica-gleaner.com
Contributed by Racquel Bailey from Jamaica. Racquel is a member of our Women in InfoSec Caribbean (WISC) initiative on Discord. WISC is a non-profit initiative supporting Caribbean women and girls to develop a career in Information Security.
Learn more about WISC at wiscaribbean.org.