A dispute has escalated between Libya’s General Authority for Monitoring Media Content (GAMMC) and the Brega Petroleum Marketing Company following accusations of a major data breach involving citizens registered in the national cooking gas distribution system.
The controversy began on Saturday, August 9, when the GAMMC issued a statement expressing “grave concern” over the exposure of sensitive personal data, including full names, national ID numbers, and phone numbers, through the gas system managed by Brega. The Authority described the leak as a violation of the law and a threat to national and societal security, calling on the Public Prosecutor to launch an urgent investigation.
In response, Brega Petroleum Marketing Company categorically denied the allegations. The company released a statement expressing surprise at the GAMMC’s claims, describing them as having “no basis in reality or law.” Brega reassured the public of its full commitment to protecting citizen data and stated its platform is secured with the highest cybersecurity standards. The company also signaled its intent to take legal action against the Authority for disseminating baseless information.
However, the GAMMC responded again on Sunday, accusing Brega of “attempting to mislead public opinion.” The Authority pointed out that shortly after its initial statement, the company modified the system’s access mechanism. Now, obtaining a collection receipt requires entering a “registration number” instead of the easily obtainable “reservation number.”
The GAMMC argued that this change is an “implicit admission of the flaw and its severity,” claiming Brega’s 20-hour silence was used not to formulate a response, but to patch the security vulnerability. The Authority has renewed its call for the Public Prosecutor and other relevant bodies to conduct a digital forensic investigation, stressing that the belated fix does not absolve the company of responsibility for the data that was previously exposed.