Published :
Updated :
For all latest news, follow The Financial Express Google News channel.
The personal information of 55 million Bangladeshi citizens has been leaked in a data breach that has been acknowledged by government officials.
The authority suspects that the breach occurred through one of the 174 organisations that have access to the National Identity Card (NID) server.
The NID server holds information of approximately 120 million voters, of which approximately 55 million possess smart NID cards.
A Telegram bot is being used to access the leaked data, which includes individuals' names, gender, parents' names, phone numbers, addresses, photos, and other personal details.
If one puts the date of birth and the 10-digit smart card number, it automatically reveals other information.
A bot -- short for robot and also called an internet bot -- is a computer programme that operates as an agent for a user or other programme or to simulate a human activity. Bots are normally used to automate certain tasks, meaning they can run without specific instructions from humans.
Mohammad Ashraf Hussain, the system manager at the NID wing of the Election Commission, told the media that he became aware of the issue on Tuesday but remained uncertain about the identity of the culprits behind the data breach.
Hussain said appropriate action was being taken in this regard, but he refused to name the organisation involved.
He said that organisations obtained information from the Election Commission for their portals and that sometimes these portals might have vulnerabilities leading to security compromises. AKM Humayun Kabir, the director general of the NID wing, claimed he was not aware of the situation and asserted that the NID server remained secure.
This incident follows a prior data breach on June 7, which exposed the personal information of around 50 million Bangladeshi nationals through a government website.
In response to the earlier breach, ICT experts recommended continuous surveillance of organisations that access services from the NID server.
They also suggested that the Election Commission conduct regular vulnerability assessments and penetration tests on the server to detect and address potential weaknesses.
The latest data breach has given rise to concerns about the security of personal data in Bangladesh and the government's ability to protect it.