A Singapore Traffic Police investigation officer has been sentenced to one year and four months imprisonment after being convicted of breaching computer security protocols and violating national security laws by leaking sensitive information to a friend. Shivasuria Maniam Kesaval, 29, exploited his authorised access to Ministry of Home Affairs databases to retrieve and share confidential details with an acquaintance who was the subject of a police complaint, fundamentally undermining the integrity of the reporting system and placing a witness in serious danger.
The case underscores a troubling vulnerability within law enforcement agencies when personal relationships intersect with official duties. Shivasuria and his friend Brayden Ong Ying Shan, 25, had maintained their friendship since 2019, and Ong was aware of Shivasuria's position in the Traffic Police. When Ong faced consequences for driving unlicensed—following a report filed by a woman he was in a relationship with—he immediately contacted his connected friend to navigate the situation, setting in motion a chain of events that would compromise investigative confidentiality and endanger a civilian.
Following Ong's arrest in July 2022 after his vehicle was impounded on the woman's tip-off, Shivasuria proceeded to conduct multiple unauthorised searches across government computer systems between July 14 and July 26, 2022. These searches were not part of his legitimate duties and yielded highly sensitive material: the woman's personal identification details and a copy of the original report she had filed. By providing Ong with information about the timing of the initial complaint, Shivasuria effectively handed his friend the means to identify and locate his accuser, dramatically escalating the risk profile for an ordinary citizen who had simply exercised her right to report criminal conduct.
The consequences of this breach manifested swiftly and menacingly. On July 15, 2022, Ong sent the woman a message threatening to "murder" whoever had reported him to authorities. He then transmitted a photograph of Shivasuria alongside a boast that he had "a TP friend that is high ranking," a calculated intimidation tactic designed to convey that he possessed insider connections within law enforcement itself. The psychological weaponisation of this relationship—leveraging the appearance of police protection or collusion—represented a form of coercion that extended beyond simple threats into the realm of institutional corruption messaging. Ong subsequently instructed the woman to reveal her family members' names, insinuating that his Traffic Police contact could run checks on them to identify which relative might have betrayed him.
The woman, understandably alarmed by these escalating threats and the apparent access her aggressor possessed to police resources, filed a formal report in late July 2022. This secondary complaint triggered the formal investigation into Shivasuria's conduct and ultimately led to the discovery of his systematic abuse of database access. The delay between the initial unlawful searches and the exposure of the breach highlights the difficulty law enforcement faces in detecting insider threats, particularly when wrongdoing occurs within trusted access parameters and involves colleagues unlikely to report one another.
During trial proceedings, the District Court found Shivasuria guilty on four counts of misusing computer systems and one count of violating the Official Secrets Act, recognising both the technical nature of his breaches and the classified implications of his actions. The judge also convicted Ong of criminal intimidation and OSA violations. The prosecution had sought a sentence of one year and seven months, arguing that Shivasuria demonstrated no remorse for his actions. Shivasuria, who appeared in court without legal representation, submitted written mitigation that was not read aloud, and he declined to offer any additional remarks to the judge, a choice that may have reinforced the perception of indifference to consequences.
A particularly significant development emerged on July 2, when authorities learned that Ong had fled Singapore by boat on June 2, shortly after his conviction. An arrest warrant has been issued, though his current whereabouts remain unknown. The court scheduled a review hearing for July 14 to address his sentencing and the practical implications of his fugitive status. This flight from jurisdiction suggests Ong recognised the severity of the charges and the likelihood of a substantial custodial sentence, leaving the question of whether he will ultimately be apprehended and brought back to face sentencing.
The case carries significant implications for police governance across Southeast Asia, where similar hierarchies, familial and social networks, and access-control vulnerabilities exist within law enforcement agencies. The incident demonstrates how personal loyalty can erode institutional integrity when internal audit mechanisms prove insufficient or compliance culture is weak. Shivasuria's suspension in August 2022—well after his unlawful searches—suggests a gap between the commission of offences and their discovery through channels other than routine oversight. Organisations across the region would benefit from strengthened computer access logging, more frequent audits of database searches, and clearer consequences for misuse of authority.
For Malaysian observers, this case provides valuable lessons about the critical importance of robust internal affairs divisions and whistleblower protections. When a police officer is willing to compromise an investigation and endanger a civilian to assist a friend, it reflects not merely individual moral failure but potentially systemic weaknesses in supervision and accountability. The fact that Ong felt emboldened to make explicit death threats while referencing his police connection suggests that such leaks carry real-world consequences far beyond administrative misconduct—they enable criminal intimidation and undermine public confidence in the impartiality of law enforcement itself.
