InfoSecBulletin Cybersecurity for mankind
Bad actor offer to sell myLocker, which offers a secure locker for documents in the cloud, user data on a dark web forum for $150 posing a threat to the Digital Bangladesh Program.
MyLocker, an initiative of ICT division is a secure digital locker where citizens can store and share various government and private documents. All information is stored in the Bangladesh Government’s Four Tier National Data Center, secured with advanced encryption and backup measures.
Hackers Bypass Gmail MFA With App-Specific Password Reuse
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
Canada 2nd largest airlines “WestJet” investigates cyberattack disrupting internal systems
Paraguay 7.4 Million Citizen Records Leaked on Dark Web
High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation
SoftBank: Over 137,000 personal info leaked
The leaked data samples were analyzed and although no digital copies of personal documents were discovered, but the breach still includes sensitive user information.
The exposed data contains User ID, Citizen ID, Name, Email, Phone Number, National ID (NID) and date of birth.
The exact amount of breached data was not found. According to myLocker’s official website, they have a total of 25,56,400 registered users and 85,96,890 issued documents stored in their databases.
If the the claim to be legit, its a concerning issue for those info has been reportedly said to be sale online. Cyber experts said, by using or modifying the personal identifiable information (PII) bad actor can do a large scale of harm to the victims.
The breach highlights the need for strong cybersecurity measures in the digital age. BCSI suggests, The ICT Division should quickly secure the myLocker platform and safeguard user information. Citizens should also stay alert and follow best practices for personal data security to reduce risks.
(Media Disclaimer: This report is based on research conducted internally and externally using different ways. The information provided is for reference only, and users are responsible for relying on it. Infosecbulletin is not liable for the accuracy or consequences of using this information by any means)
