Two senior officials doing work for anti-terror police in Bangladesh allegedly collected and sold categorized and own info of citizens to criminals on Telegram, TechCrunch has realized.
The info allegedly sold bundled nationwide identity facts of citizens, cell telephone get in touch with records and other “classified top secret details,” in accordance to a letter signed by a senior Bangladeshi intelligence formal, noticed by TechCrunch.
The letter, dated April 28, was written by Brigadier Standard Mohammad Baker, who serves as a director of Bangladesh’s Nationwide Telecommunications Checking Heart, or NTMC, the country’s electronic eavesdropping company. Baker verified the legitimacy of the letter and its contents in an job interview with TechCrunch.
“Departmental investigation is ongoing for equally the conditions,” Baker said in an on the net chat, introducing that the Bangladeshi Ministry of House Affairs requested the affected law enforcement companies to acquire “necessary action from those people officers.”
The letter, which was originally written in Bengali and dealt with to the senior secretary of the Ministry of Residence Affairs General public Stability Division, alleges the two police agents accessed and passed “extremely sensitive information” of non-public citizens on Telegram in exchange for income.
According to the letter, the law enforcement agents had been caught right after investigators analyzed logs of the NTMC’s programs and how frequently the two accessed it.
The letter reveals the id of the officers. 1 of the accused is a police superintendent serving with the Anti-Terrorism Unit (ATU). The other is an assistant law enforcement superintendent deputy at the Swift Action Battalion, also regarded as RAB 6, a controversial paramilitary device that the U.S. govt sanctioned in 2021 more than allegations that the unit is connected to hundreds of disappearances and extrajudicial killings. TechCrunch is not naming the two men and women who ended up accused as it’s unclear if they have been billed less than the country’s legal program.
The NTMC is a authorities intelligence company recognized beneath Bangladesh’s Ministry of House Affairs. The agency’s main job is to watch all telecommunications visitors and intercept cellular phone and website communications to detect and stop threats to countrywide security.
Companies like Human Rights View and Flexibility House have criticized the NTMC for lacking safeguards versus abuses, each against totally free speech as nicely as privacy. Around the many years, NTMC procured innovative technological know-how from organizations in Israel, which Bangladesh does not officially acknowledge, as very well as other Western nations, to conduct mass surveillance mainly on opposition party members, journalists, civil society customers and activists.
As aspect of its mission, the NTMC runs the National Intelligence System, or NIP, an interior authorities world-wide-web portal that holds categorized citizen facts, like nationwide identification aspects, mobile phone registration and mobile data information, criminal profiles and other information.
Several law enforcement and intelligence businesses have consumer accounts on the NIP portal furnished by the NTMC.
NTMC’s personal investigation concluded that the agents utilized the NIP system much more often than other individuals, and accessed and gathered information and facts that was not related to them.
“Considering the context, this sort of irrelevant accessibility and unlawful handover of exceptionally sensitive classified information ought to be investigated to establish anyone involved in this and we also ask for for suitable motion in opposition to all those people identified/involved,” the letter browse.
Baker advised TechCrunch that there were a “number of Telegram channels,” incorporating that a person of them was known as BD CYBER GANG.
TechCrunch could not discover the unique channel on Telegram.
Make contact with Us
Do you have more information and facts about this incident, or comparable incidents? From a non-do the job gadget, you can get in touch with Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or by means of Telegram, Keybase and Wire @lorenzofb, or electronic mail. You can also attain out to Zulkarnain Saer Khan on Sign at +36707723819, or on X @ZulkarnainSaer. You also can call TechCrunch via SecureDrop.
Baker advised TechCrunch that it seems that the two brokers despatched the data to the administrator of at the very least one particular Telegram group, who then attempted to promote it.
Baker stated that the two brokers have been notified of the investigation.
Because of the investigation, all NIP end users from ATU and RAB 6 have experienced their entry suspended “until the involved officers are discovered, and appropriate action is taken,” in accordance to the letter.
Baker confirmed the suspended obtain, indicating that if brokers “need any info for investigation functions they can collect through Police and RAB HQ.”
Spokespeople for Bangladesh’s Ministry of Property Affairs and ATU did not reply to many requests for comment. A person pinpointing only as an “operations officer” at RAB 6 told TechCrunch that the agency experienced no remark.
Final yr, a stability researcher discovered that the NTMC was leaking people’s particular data on an unsecured server. The leaked facts involved authentic-entire world names, phone quantities, email addresses, areas and exam outcomes, in accordance to Wired. An additional Bangladeshi authorities agency, the Business office of the Registrar Common, Delivery & Loss of life Registration, also leaked citizens’ delicate information previous calendar year, as TechCrunch described at the time.
In both equally situations, the leaks were being uncovered by Viktor Markopoulos, a researcher who is effective at Bitcrack Cyber Protection.
When people have been important circumstances of details exposure, this incident allegedly involving the ATU and RAB 6 brokers is possibly a lot more damaging, supplied that the agents allegedly marketed info on-line in an try to revenue from their privileged obtain to categorised private information and facts.
Whilst the incident is underneath investigation, a effectively-put resource inside the government advised TechCrunch that there are however officers who are giving to offer citizens’ knowledge.