InfoSecBulletin Cybersecurity for mankind
Bad actor offer to sell myLocker, which offers a secure locker for documents in the cloud, user data on a dark web forum for $150 posing a threat to the Digital Bangladesh Program.
MyLocker, an initiative of ICT division is a secure digital locker where citizens can store and share various government and private documents. All information is stored in the Bangladesh Government’s Four Tier National Data Center, secured with advanced encryption and backup measures.
Delay patching leaves about 50,000 Fortinet firewalls to zero-day attack
Daily Security Update Dated: 21.01.2025
126 Linux kernel Vulns Allow Attackers Exploit 78 Linux Sub-Systems
CERT-UA alerts about “security audit” requests through AnyDesk
Oracle Critical Pre-Release update addressed 320 flaw
OWASP Reveils Top 10 Smart Contract Vulnerabilities for 2025
Multiple Azure DevOps Vulns Allow To Inject CRLF Queries & Rebind DNS
Intel holds 22 employees from one Bangladeshi University
VPN Surge 1500% in USA after TikTok Shut Down
MITRE Launches D3FEND 1.0; The Milestone for Cybersecurity Ontology
The leaked data samples were analyzed and although no digital copies of personal documents were discovered, but the breach still includes sensitive user information.
The exposed data contains User ID, Citizen ID, Name, Email, Phone Number, National ID (NID) and date of birth.
The exact amount of breached data was not found. According to myLocker’s official website, they have a total of 25,56,400 registered users and 85,96,890 issued documents stored in their databases.
If the the claim to be legit, its a concerning issue for those info has been reportedly said to be sale online. Cyber experts said, by using or modifying the personal identifiable information (PII) bad actor can do a large scale of harm to the victims.
The breach highlights the need for strong cybersecurity measures in the digital age. BCSI suggests, The ICT Division should quickly secure the myLocker platform and safeguard user information. Citizens should also stay alert and follow best practices for personal data security to reduce risks.
(Media Disclaimer: This report is based on research conducted internally and externally using different ways. The information provided is for reference only, and users are responsible for relying on it. Infosecbulletin is not liable for the accuracy or consequences of using this information by any means)
