Election Commission (EC) has suspended NID verification services of one paramilitary auxiliary force and a bank after detecting data leak.

"During routine monitoring yesterday, we found evidence that our data was being leaked from the two institutions -- Ansar and Village Defense Party (VDP) and BRAC Bank," ASM Humayun Kabir, director general (DG) of the EC's NID wing, said while speaking to reporters at the commission's headquarters in Agargaon today.

A formal investigation is already under way, he said.

According to the DG, the EC assigns routine data security checks to specific teams who monitor access by different institutions.

"It was during such checks that we discovered the leak. A more in-depth review led us to the source," he said.

He explained that when investigators followed the link suspected of leaking data, it led directly to Ansar VDP and BRAC Bank, confirming those as the origin points.

Efforts are ongoing to stop the "data breach" through all available means, he said.

The EC currently has agreements with 186 institutions to provide NID data verification services.

In February, similar data leakage concerns prompted the suspension of services to five organisations.

With the latest breach, two more institutions have now been added to that list.