April 27, 2019, 01:04 PM 
Malaysia's transport ministry announced on Thursday (April 25, 2019) that foreign vehicles have to show a Vehicle Entry Permit (VEP) to enter Malaysia, starting October 1.
Registered foreign vehicles will have to install and display a VEP-RFID tag, which will have a validity period of five years, on their windshields.
Photo from Din Idah FB.
However, you might want to wait a while before registering at the VEP online portal.
Making changes to URL exposed other motorists' personal data
Just one day after the announcement (April 26), the portal was found to be not sufficiently secured for usage.
According to The Straits Times, one Singaporean driver Mohammad Hafiz's personal information was revealed on the website after he "cut and paste" the URL to the portal for his nephew.
His nephew reportedly saw Hafiz's personal details after opening the URL he received from Hafiz.
Even more disturbingly, Hafiz, who happens to be an IT specialist, also reportedly found that he can view other motorists' data — including their NRIC number, address, and passport information— after making some tweaks to the URL.
The Malaysian authorities were alerted to the issue at around noon on Friday, but the website was still accessible till about 5pm.
Overnight, it went under maintenance:
Screenshot from VEP website.
But by Saturday morning, it appears to be back up, following "thorough investigation". It is unclear if the security loopholes have been resolved yet, however, despite Malaysia's reported assurances on Saturday that data security is a matter they "take seriously" and treat with "great urgency".
VEP required to enter Malaysia from October 1, 2019
The implementation of VEP has been delayed for more than four years.
The system was initially targeted for launch in 2015, followed by a trial run of 12,000 vehicles registered in 2016. However, its implementation was stalled by technical issues.
Then, the Malaysian government said the VEP would come into force last January, but its launch was postponed again because the system needed more time for fine-tuning.
It was later reported that the VEP would be implemented at the Johor Causeway and Malaysia-Singapore Second Link checkpoint by end of 2018 — that didn't materialise either.
With this technical glitch on the portal, you might want to wait for confirmation of it being safely secured before applying for a VEP.
Here are some (unofficial) nifty steps you can follow when the portal is confirmed to be safe for use:
Image by Mohd Faris Abdullah.
Image by Mohd Faris Abdullah.
Top photo collage from Winne Haus' photo and screenshot from VEP portal
If you like what you read, follow us on Facebook, Instagram, Twitter and Telegram to get the latest updates.