Published on 12:00 AM, October 05, 2023

Smart NID Data Leak: Voters' info now in Telegram channel

The exposure of personal data belonging to at least 50 million Bangladeshi citizens raises alarming questions about the security measures in place to safeguard sensitive information.
Mohiuddin Alamgir

Personal information of the country's smart National Identity Card holders is now available in a Telegram channel, officials have acknowledged.

The country's NID server has information of about 12 crore voters, of whom around 5.5 crore have smart NID cards. 

A Telegram bot provides people's names, gender, parents' names, phone numbers, addresses, photos and other details when a 10-digit NID number is entered, many have said.

Mohammad Ashraf Hussain, system manager at the NID wing of the Election Commission, said he learnt about the matter on Tuesday, but had no idea who was behind the Telegram channel.

Read more

What happens when our data gets leaked: Here's how concerned you should be

He added that it has been identified that information was being leaked through one of the 174 organisations that have access to the NID server.

"Appropriate action is being taken in this regard," he said, but refused to name the organisation.

"Organisations take information from the Election Commission for their portals. Sometimes, their portals have weaknesses and end up getting compromised," he added.

However, AKM Humayun Kabir, director general of the NID wing, said he was not aware of the matter, adding that the NID server is safe.

On June 7, TechCrunch, a San Francisco-based online publisher of start-up and technology industry news, reported that personal information of about 5 million Bangladeshi nationals have been leaked from a government website.

Zunaid Ahmed Palak, the state minister for ICT, then said the leak happened through a breach in the server of the Office of the Registrar General.

The leaked data included names, phone numbers, email addresses and national ID numbers of people.

Following that breach, ICT experts recommended that the EC keep round-the-clock surveillance on the organisations that avail services from the NID server.

They also suggested the EC conduct vulnerability assessments and penetration tests on the server at regular intervals to identify vulnerabilities.

Jahangir Alam, a resident of Mirpur who was aggrieved by the leak said that this leak of personal information was a threat to his personal safety.

Top Stories