Over the past day or two, some of you may have suddenly received suspicious messages in regards to your MySejahtera account. Oftentimes, these messages indicate that you would have received an option for ‘check-in registration’, accompanied by a six-digit OTP that would expire in five minutes. Well as it turns out, you’re not the only one.
Suspicious MySejahtera OTP messages?
The MySejahtera development team has since come forward to address the issue, after it had been found that an increased number of complaints were logged by users via the app’s in-built helpdesk as well as through various social media channels. FMT reports that the incidents were traced back to “malicious scripts” that had been misusing the app’s QR registration feature.
According to Malay Mail, the development team reassures users that user-data on MySejahtera remains secure.
“Since then, these API endpoints are blocked and a fix to enhance security will be moved tonight. We want to reassure all our users that no user data was accessed by these scripts but random phone numbers were spammed to verify their phone number. We apologise for this inconvenience,” they added in a statement released to the media.
The team is committed to resolving the issue by this evening.
But don’t forget to check-out
This comes after the MySejahtera app received a major update in September that chiefly includes a new ‘check-out’ function that allowed for improved contact tracing by the authorities. The feature requires users to not only check-in to all premises using the app’s dedicated QR scanner, but also to tap on the ‘check-out’ button displayed on the app’s interface.
The goal was to improve the precision of contact tracing efforts in the country by identifying the time-frame that each user has spent in a specific location upon their initial entry and departure. However, the Federal Government has stressed that there will not be any fines issued upon those who had forgotten to check-out after leaving a premise.
The app is also now able to automatically perform the check-out function on behalf of its user, should one forget to do so.
For more stories like this, follow us on Facebook!