No data privacy security flaws in Financial Services Bureau website – Gov’t

The Financial Services Bureau (DSF) has denied in a statement to Macau News Agency (MNA) the existence of any data privacy security flaws on its website, but still indicated it will look to optimize the system’s security.

In a report yesterday, newspaper Hoje Macau cited a cybersecurity expert who claimed that the lack of any encryption certificate (SSL) in the DSF website posed an imminent danger for users’ personal data, especially on the website pages that present forms to fill out.

This was allegedly observed in certain website pages that required for the complete number of a Macau Resident Identity Card (BIR) to be submitted and that could then be vulnerable to being captured.

“The DSF immediately proceeded to full verification of the security and confidentiality of the website’s system, having not detected any leakage of information or an invasion by hackers. However, the DSF is carrying out work to optimize the respective system, in order to increase the level of security and confidentiality of the website,” the department indicated to MNA.

MNA also contacted the Office for Personal Data Protection (GPDP) over the matter but no response had yet been provided.