The Election Commission’s National Identity Registration Wing director general has denied that any citizen’s information has leaked from the NID server, amid concerns about an alarming claim that the personal data of around 50 million Bangladeshis, including their full names, phone numbers, email addresses and NID numbers, is openly accessible on a government website.
“The exposed information is not ours. The Election Commission is thoroughly checking whether any of the 171 gateways connected to the server is leaking any data,” Director General AKM Humayun Kabir said on Sunday.
State Minister for Information and Communication Technology Zunaid Ahmed Palak earlier in the day said no government website had been hacked and that the personal information of citizens was exposed because of security vulnerabilities.
Efforts were underway to resolve the issue, the state minister added.
Researcher Viktor Markopoulos from Bitcrack Cyber Security accidentally discovered the leak on June 27 and promptly informed the Bangladeshi e-Government Computer Incident Response Team (CIRT), TechCrunch, an online portal focusing on high tech, reported.
Markopoulos revealed that the leaked data comprises the details of millions of Bangladeshi citizens. Shockingly, anyone can visit the website and find citizens’ names, dates of birth, and NID numbers by simply conducting a Google search.
TechCrunch conducted its investigation to validate the authenticity of the leaked data. However, the outlet refrained from disclosing the name of the specific website as the data is still accessible online, as confirmed by Markopoulos.
In response to the news of the massive data breach, CIRT took action by acknowledging the matter and launching a comprehensive investigation.
In a press release on Saturday, CIRT emphasized its commitment to ensuring cybersecurity and protecting citizens’ data.
“It is crucial for all stakeholders to collaborate and support CIRT’s efforts to rectify the situation, implement necessary security measures and prevent similar incidents from happening in the future,” the press release read.
