InfoSecBulletin Cybersecurity for mankind
Bad actor offer to sell myLocker, which offers a secure locker for documents in the cloud, user data on a dark web forum for $150 posing a threat to the Digital Bangladesh Program.
MyLocker, an initiative of ICT division is a secure digital locker where citizens can store and share various government and private documents. All information is stored in the Bangladesh Government’s Four Tier National Data Center, secured with advanced encryption and backup measures.
CVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
Apple Releases Patch for two Actively Exploited Zero-Day
Maxar Space Data Leak, Company admit, Investigation ongoing!
GitHub CLI Vulnerability Could Allow RCE
“Sarcoma” ransomware group
Hacker to disclose “Popular Life Insurance” 36 GB of stolen data
BugHunt 2024: A Milestone Cyber security Competition held at Dhaka
TP-Link DHCP Vulnerability Allow Attackers Takeover Routers Remotely
WSJ reports
T-Mobile hacked in massive breach of telecom networks
Palo Alto Networks Confirms critical RCE zero-day actively exploited
CISA, FBI Warns
Hacker compromised multiple teleco network at US
The leaked data samples were analyzed and although no digital copies of personal documents were discovered, but the breach still includes sensitive user information.
The exposed data contains User ID, Citizen ID, Name, Email, Phone Number, National ID (NID) and date of birth.
The exact amount of breached data was not found. According to myLocker’s official website, they have a total of 25,56,400 registered users and 85,96,890 issued documents stored in their databases.
If the the claim to be legit, its a concerning issue for those info has been reportedly said to be sale online. Cyber experts said, by using or modifying the personal identifiable information (PII) bad actor can do a large scale of harm to the victims.
The breach highlights the need for strong cybersecurity measures in the digital age. BCSI suggests, The ICT Division should quickly secure the myLocker platform and safeguard user information. Citizens should also stay alert and follow best practices for personal data security to reduce risks.
(Media Disclaimer: This report is based on research conducted internally and externally using different ways. The information provided is for reference only, and users are responsible for relying on it. Infosecbulletin is not liable for the accuracy or consequences of using this information by any means)
