PETALING JAYA: The Inland Revenue Board (LHDN) has denied that personal data was exposed on its portal, MyTax.

"HASiL (Lembaga Hasil Dalam Negeri Malaysia) would like to emphasise that the confidentiality of taxpayer data in the MyTax platform is safe and secure because it is backed by certified tech security data," the organisation said in a statement.

The statement was released after a Facebook post claiming that the portal was leaking information such as name, date of birth, address, email, bank account, and tax file number went viral.

The post, made by Adil Hidayat on the Pendakwah Teknologi page, claimed that once a person’s MyKad was keyed into the portal, this information was visible under developer mode, specifically the Network tab.

Adil Hidayat told LifestyleTech that he discovered the alleged flaw when he was tinkering with the site.

He suspected that the developer forgot to turn on this feature and made the post to warn others that their personal information could be misused.

"Scammers can call up banks and impersonate other users. They could use the information to answer verification questions posed by the banks," he said.

Soon after the post went live, users complained that the website had become inaccessible.

According to a Facebook post by LHDN at about 3pm, the portal was taken down for maintenance. The website is functional now.

LHDN said it takes the issue of data security seriously and added that it will work on improving the confidence and trust of taxpayers in the services it provides.

Communications and Digital Minister Fahmi Fadzil, who was tagged in the post, was urged to take action.

"Therefore, HASiL will continue to strive to improve service quality and act proactively and transparently to address this issue," LHDN said in the statement.