ICT Pulse posted an article on February 18, 2021 asking important questions relating to the JAMCOVID data breach. Below are some key highlights:
- This week, news came to light that the website and application that the Government of Jamaica has been using to manage the immigration records and COVID-19 test results of residents and visitors to the island, had been severely compromised.
- The report, which seemed to have been based on first-hand investigations conducted by TechCrunch, found that documents and data uploaded to the country’s JamCOVID19 website and app and stored in the cloud, ” was left unprotected and without a password, and was publicly spilling out files onto the open web “.
- It’s arguable that the security issue that caused the breach is not a ‘rookie mistake’.
- How serious is the Government of Jamaica about security? The Government is the repository of considerable volumes of personal data of individuals, along with confidential and commercially sensitive information on businesses and organisations. Finally, and based on the previously-mentioned article by JIS, this point is particularly worrying.
Reference(s):