The personal data of Bangladeshi citizens linked to the National Telecommunications Monitoring Centre (NTMC), the state’s lawful communication interception and intelligence agency, have been leaked, according to Wired magazine.
US-based tech magazine Wired shared a report yesterday where it said that the leaked data contains people’s names, addresses, national identity card information, phone numbers, duration of phone calls, fingerprint photos, and passport and bank account information. The data also has lists of cell towers and the parts of mobile phone networks used. Wired reports that Security researcher Viktor Markopoulos who works with CloudDefense.AI discovered the leak. The Director General of NTMC, Major General Ziaul Ahsan, admitted to The Daily Star that there has been a leak of some data, but not from their system. “We have a seven-layer security system and there is no chance for leakage from it.” He also said that it was just sample data. Markopoulos and Wired verified the data to see if it was in fact citizen’s personal data and found it being so. They contacted some of the people through the phone numbers. The majority of the data leaked is metadata, reports Wired, which they call “the extremely powerful — “who, what, how, and when” of everyone’s communications. Markopoulos had notified the government’s Bangladesh Government’s e-Government Computer Incident Response Team (BGD e-GOV CIRT) on November 8 who received the message and acknowledged it. Major General Ahsan said they were notified of the breach 2 days ago (from yesterday). The project director of BGD e-GOV CIRT was called and texted for comments but he has not yet responded.