Amid a heightened state of alert due to potential cyber-attacks from Indian hackers, both government and private institutions in Bangladesh have been targeted and compromised in a series of cyber-attacks and data breaches.
Numerous institutions have been singled out, including the Investment Corporation of Bangladesh (ICB) and the Directorate General of Health Services (DGHS). In the ICB breach, a significant amount of data was exposed, revealing information about around 10,000 investors and those seeking investment opportunities. This data included personal details like names, addresses, and bank account numbers, particularly those linked to government mutual funds.
DGHS also experienced a breach, involving the leak of revenue collection statistics from government-run hospitals. Hackers asserted that they had gained access to data from the central bank, offering a screenshot as evidence. However, the authenticity of the leaked data has not been confirmed.
Furthermore, hackers directed their attacks at the land tax portal of the land ministry, resulting in the exposure of details belonging to a small number of users. Various other organizations faced less severe attacks, leading to temporary disruptions of their websites, including police units, ticketing platforms, and a few banks. Most of these affected sites were swiftly restored.
The Bangladesh Government’s Computer Incident Response Team (BGD e-GOV CIRT) had previously issued a warning regarding potential cyber threats originating from underground hacker groups with religious and ideological motivations. These threats were aimed at Bangladesh’s online space on August 15.
As a precautionary step, various government institutions and banks took measures to enhance their security with the assistance of the Rapid Action Battalion. However, certain hacker groups claimed to have accessed data from the Rapid Action Battalion, but investigations revealed that this data was from an earlier incident dating back to 2013.
This marks the second reported data breach related to ICB this year, following a previous incident in June. These attacks follow a series of cyber assaults that began in March, some of which led to more extensive leaks of citizens’ personal information.