InfoSecBulletin Cybersecurity for mankind
A recent dark web scan revealed that customer data from Dhaka Electric Supply Company Limited (DESCO) has been exposed. The breach affects 110,856 users and includes sensitive information like Customer Number, Name, Email, Address, and Mobile Number.
The exposure of this data on the dark web poses several risks like:
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
Operational Disruption: Unauthorized access to internal systems may cause major problems, harming the city’s economy and public services.
Espionage and Surveillance: Electricity usage data can show habits of people or organizations, which could be used for spying or planning physical sabotage.
Targeted Disruptions: Attackers could interfere with billing or services, leading to outages in certain areas or disrupting power to essential facilities.
Identity Theft: Sensitive information could be stolen and used to harm customers financially and personally.
To enhance the security of Dhaka Electric Supply Company Limited’s (DESCO) IT systems, BCSI suggests a broader strategy than just standard vulnerability assessments that often use automated tools. Many VAPT companies rely heavily on automated scanners, which can overlook complex vulnerabilities and advanced threats. While these tools are helpful, they cannot substitute for the expertise of experienced cybersecurity professionals in identifying and addressing sophisticated attacks.
To protect, DESCO should take robust cybersecurity actions and to collaborate with cyber security experts who have practical experience in protecting critical infrastructures. By implementing a strong defense strategy that involves continuous network monitoring, incident response planning, threat intelligence sharing, and regular security audits, DESCO can significantly enhance their ability to withstand cyber threats.
Dhaka Electric Supply Company Limited (DESCO) plays a vital role in providing electricity to a large part of Dhaka, which is essential for the city’s economy and daily life. The customer data it holds, such as names, contact numbers, addresses, billing details, and electricity usage, is sensitive and important for managing services.
Prior to that, In june-2023 The official verified Facebook page of Dhaka Electric Supply Company Limited (DESCO) was hacked. At that time, while visiting the page it was seen that the hackers had written slogans of Bangabandhu’s age-old Dabaya, Parba Naa.
(to be continued)
