Prime Minister Olzhas Bektenov raised the issue of introducing liability for the transfer of databases to fraudsters at a meeting of the Interdepartmental Commission for the Prevention of Offences.
"People who 'leak' databases to the internet or to fraudsters are not punished at all. Therefore, it is necessary to work out the issue of introducing liability for the deliberate transfer of other people's bank accounts, accounts, cards, identity document data, and phone number databases to third parties," Bektenov noted.
According to the government press service, most internet fraud related to loan applications and theft of bank savings is committed from abroad.
"Stolen money is cashed out using so-called 'money mules' – these are mainly unemployed citizens who want to make quick 'easy' money. Current legislation does not provide for any liability for 'money mules'," the statement said.
In addition, Bektenov instructed that the procedures for identity verification when applying for online loans be reviewed.
At the same time, the head of government ordered the consideration of the issue of insuring loans against fraudulent attacks.
Recall that in March, Kazakh citizens were informed about a leak of their personal data in the "EgovMobile" application. Notifications were also sent to those who had never taken out loans from microfinance organisations.
Shortly before this, a mass leak of internal data occurred at the Ministry of Public Security of the People's Republic of China. Files containing confidential conversations and operational data were posted on the GitHub hosting service in the public domain. Among the published files, private data of subscribers of Kazakh mobile operators Beeline, Altel, Tele2, Kcell and Kazakhtelecom was also found.
It was also reported that among the leaked files, information from the UAPF from 2019 and data on passengers of the airline "Air Astana" was discovered.
The Ministry of Digital Development, Innovation and Aerospace Industry conducted unscheduled inspections of Kazakhtelecom JSC, Unified Accumulative Pension Fund JSC (UAPF) and Air Astana JSC for compliance with information security requirements. Based on the results, "Kazakhtelecom" and "Air Astana" were brought to administrative responsibility and given one year to rectify the violations.
However, according to informburo.kz, Air Astana stated that the Ministry's directive to rectify the violations was not related to issues of client personal data. Moreover, the airline assured that "passenger data was not compromised."