The Bangladeshi authorities on Sunday took down residents’ delicate knowledge that it had left uncovered on-line.
On Friday, TechCrunch reported that a web site belonging to the federal government of Bangladesh was leaking the private info of the nation’s residents, together with full names, telephone numbers, e-mail addresses and nationwide ID numbers.
On the time, we didn’t disclose which web site specifically was leaking as a result of the info was nonetheless accessible. We are able to now report that the problem was with the Workplace of the Registrar Basic, Beginning & Dying Registration web site.
Bangladeshi’s e-Authorities Pc Incident Response Workforce (CIRT) mentioned the info has now been taken down.
Viktor Markopoulos, a researcher who works for Bitcrack Cyber Safety, discovered the info on the finish of June, after which alerted CIRT. In line with his estimate, the web site leaked knowledge on round 50 million Bangladeshi residents.
Final week, we additionally reached out to CIRT, in addition to the Bangladesh authorities’s press workplace, its embassy in Washington, D.C. and its consulate in New York Metropolis. None responded to our request for remark final week, and didn’t instantly reply to follow-up requests for this story.
In a press launch on Saturday, CIRT mentioned that it “promptly” addressed the info breach, and “demonstrated its professionalism and experience by swiftly initiating an intensive investigation into the matter, leaving no stone unturned in pursuit of understanding the extent and impression of the info breach.”
Bangladesh’s State Minister for Data and Communication Expertise Zunaid Ahmed Palak mentioned that “no authorities web site has been hacked. Residents’ info was uncovered as a result of vulnerability of the web site,” in keeping with the Enterprise Commonplace, an area newspaper.
Bangladesh’s Dwelling Minister Asaduzzaman Khan Kamal reportedly mentioned that legislation enforcement companies are investigating the incident.
Do you’ve gotten details about related leaks or knowledge breaches? We’d love to listen to from you. From a non-work gadget, you may contact Lorenzo Franceschi-Bicchierai securely on Sign at +1 917 257 1382, or by way of Wickr, Telegram and Wire @lorenzofb, or e-mail lorenzo@techcrunch.com. You may as well contact TechCrunch by way of SecureDrop.
