IPOH: The issue of suspicious one-time password (OTP) text messages from the MySejahtera app has cropped up again.

       Perak MCA public services and complaints bureau chief Low Guo Nan said he had received an OTP text message from a 68066 number on Wednesday (Oct 27) morning.

       "I thought the security features had been improved last week.

       "I have reported the incident using the Helpdesk feature in the MySejahtera app," he said in a press statement Thursday (Oct 28).

       "I have also lodged a police report on Wednesday evening as I am worried that my personal details would be accessed by unscrupulous people, seeing that cyber-crime cases are now quite prevalent.

       "Those who are still facing this issue are encouraged to take the same action for their own protection," he added.

       The Health Ministry had, on Oct 20, said that investigations by the Malaysian National Cyber Security Agency had found that the OTP messages and spam email were sent out by misusing the app's application programming interface (API).

       The ministry also assured that there was no leak of the MySejahtera database.

       The unsolicited OTP messages were sent to verify random users' phone numbers for check-in QR registrations, which was meant for business premises, public transport operators and others to get a QR code for check-ins.

       The MySejahtera team had since blocked MySejahtera's API endpoints to facilitate a security enhancement fix later.

       Low said the Health Ministry and the National Security Council should look into this matter seriously.

       "They should investigate and give an explanation to the people as soon as possible," he added.