Sunday , September 29 2024
my locker

ICT division’s myLocker User Information Available for Sale

infosecbulletin Friday , June 7 2024 Cyber Attack, Data Breach

Bad actor offer to sell myLocker, which offers a secure locker for documents in the cloud, user data on a dark web forum for $150  posing a threat to the Digital Bangladesh Program.

MyLocker, an initiative of ICT division is a secure digital locker where citizens can store and share various government and private documents. All information is stored in the Bangladesh Government’s Four Tier National Data Center, secured with advanced encryption and backup measures.

Meta fined $101 million for storing passwords in plaintext

By infosecbulletin / Saturday , September 28 2024
Meta was fined over $100 million by the EU privacy regulator on Friday due to a security issue with Facebook...
Read More
Meta fined $101 million for storing passwords in plaintext

Microsoft warns Storm-0501 targets hybrid cloud environments

By infosecbulletin / Friday , September 27 2024
Microsoft cybersecurity researchers found that the "Storm-0501" ransomware group is targeting hybrid cloud environments. Storm-0501 Attacking Cloud Environments: Storm-0501 is...
Read More
Microsoft warns Storm-0501 targets hybrid cloud environments

RCE flaw impacts all GNU/Linux System: Details Revealed

By infosecbulletin / Friday , September 27 2024
Simone Margaritelli has discovered a serious remote code execution (RCE) vulnerability in the Common Unix Printing System (CUPS), impacting all...
Read More
RCE flaw impacts all GNU/Linux System: Details Revealed

Octo2: European Banks Already Under Attack by New Malware varient

By infosecbulletin / Friday , September 27 2024
Cybersecurity researchers at ThreatFabric have identified a new and more dangerous variant of the Octo banking malware, called "Octo2." This...
Read More
Octo2: European Banks Already Under Attack by New Malware varient

CISA Releases Guideline mitigating Active Directory compromise

By infosecbulletin / Friday , September 27 2024
To improve cybersecurity, the Cybersecurity and Infrastructure Security Agency (CISA) has partnered with international agencies to release a guide on...
Read More
CISA Releases Guideline mitigating Active Directory compromise

G7 cyber group warns to prep for quantum computing risks

By infosecbulletin / Friday , September 27 2024
An intergovernmental group urged the financial sector on Wednesday to prepare for potential threats from advancements in quantum computing. The...
Read More
G7 cyber group warns to prep for quantum computing risks

Cloudflare report
India linked hacker to target Bangladeshi Gov.t and law agency

By infosecbulletin / Thursday , September 26 2024
A threat actor likely operating out of India is relying on various cloud services to conduct cyberattacks against energy, defense,...
Read More
Cloudflare report India linked hacker to target Bangladeshi Gov.t and law agency

India launches first Al-powered network solution for spam detection

By infosecbulletin / Thursday , September 26 2024
India's Bharti Airtel has launched India's first AI-powered solution that detects spam calls and messages, alerting customers in real-time. The...
Read More
India launches first Al-powered network solution for spam detection

White Snake to Steal Credit Cards CVC Codes from Chrome

By infosecbulletin / Wednesday , September 25 2024
The White Snake malware has been updated to take advantage of a new feature in the latest Google Chrome version....
Read More
White Snake to Steal Credit Cards CVC Codes from Chrome

Kaspersky Automatically Replaces With UltraAV, Raising Concerns

By infosecbulletin / Tuesday , September 24 2024
Kaspersky has formally begun pulling back its offerings in the U.S., migrating existing users to UltraAV, effective September 19, 2024,...
Read More
Kaspersky Automatically Replaces With UltraAV, Raising Concerns

The leaked data samples were analyzed and although no digital copies of personal documents were discovered, but the breach still includes sensitive user information.

The exposed data contains User ID, Citizen ID, Name, Email, Phone Number, National ID (NID) and date of birth.

The exact amount of breached data was not found. According to myLocker’s official website, they have a total of 25,56,400 registered users and 85,96,890 issued documents stored in their databases.

If the the claim to be legit, its a concerning issue for those info has been reportedly said to be sale online. Cyber experts said, by using or modifying the personal identifiable information (PII) bad actor can do a large scale of harm to the victims.

The breach highlights the need for strong cybersecurity measures in the digital age. BCSI suggests, The ICT Division should quickly secure the myLocker platform and safeguard user information. Citizens should also stay alert and follow best practices for personal data security to reduce risks.

(Media Disclaimer: This report is based on research conducted internally and externally using different ways. The information provided is for reference only, and users are responsible for relying on it. Infosecbulletin is not liable for the accuracy or consequences of using this information by any means)

Check Also

hand

Check you one
Android malware ‘Necro’ infect 11 million users via Google Play

Kaspersky security researchers discovered a new version of the Necro malware that has infected over …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2024, All Rights Reserved InfoSecBulletin