A data security breach in the government’s JAMCOVID-19 mobile app may have exposed the personal data of nearly half a million travellers to the island.
That’s the allegation being made by noted American technology web site “TechCrunch”.
Our news centre has not been able to independently verify the specific allegations.
Calls to the Security Minister, Dr. Horace Chang, were not answered.
But in a statement today, the Ministry of National Security acknowledged that a security breach did occur.
It says the breach has since been rectified.
The Ministry says the vulnerability was associated with the file storage service on the app.
The vulnerability was first discovered on February 16.
The server is said to have contained 70,000 negative COVID-19 lab results, over 425,000 immigration documents including travellers’ names, date of birth and passport numbers.
The server is said to have also contained 250,000 quarantine orders dating back to June 2020 and 440,000 travellers’ signatures were also stored on the servers.
The Ministry says a thorough investigation was launched to determine whether any of the data had been compromised.
It says so far the investigation has revealed no evidence that the security vulnerability has been exploited for malicious extraction of travellers’ data.
The Ministry has contacted travellers whose data may have been affected by the security breach.
The Ministry is assuring all travellers to the island that the government takes data security and privacy very seriously.
It says it will continue to carry out robust security testing and update systems where necessary to guard against unauthorized access to data.
The JAMCOVID application was launched in June of last year after the government reopened Jamaica’s borders to international travel.
Travellers are required to pre-register on the app before travelling to the island.