Two senior police officials in Bangladesh have been accused of sharing citizens’ personal information from a highly classified government database with criminals, according to a letter seen by TechCrunch. It is alleged that the information sold included national identity details, cell phone records, and other sensitive data.
According to the letter, which is dated April 28 and signed by a senior Bangladeshi intelligence official, the two officials were caught after an investigation into logs from the National Telecommunications Monitoring Center (NTMC), the country’s electronic eavesdropping agency. The letter, originally written in Bengali, reveals that the police agents accessed and sold private citizen information on Telegram in exchange for monetary gain.
One of the accused officials is a police superintendent working for the Anti-Terrorism Unit (ATU), while the other is an assistant police superintendent deputy at Rapid Action Battalion (RAB) 6, a paramilitary unit that has faced controversy in the past. It is unclear if the officials have been charged under the country’s legal system, and their identities have not been revealed.
The NTMC, which operates under the Ministry of Home Affairs, is responsible for monitoring telecommunications traffic, intercepting communications, and detecting and preventing national security threats. However, the agency has faced criticism from organizations like Human Rights Watch and Freedom House for lacking safeguards against abuses of free speech and privacy. The agency has also reportedly purchased advanced surveillance technology from countries like Israel, despite the country not officially recognizing it.
As part of its duties, the NTMC oversees the National Intelligence Platform (NIP), an internal government web portal that contains classified information on citizens, including national identification details and criminal profiles. Various law enforcement and intelligence agencies have user accounts on the platform.
The NTMC’s investigation found that the two agents had been accessing the NIP platform more frequently than others and obtaining information that was not relevant to their duties. The letter states that this irrelevant access and sharing of highly sensitive data should be thoroughly investigated and appropriate action taken against all involved.
In an interview with TechCrunch, Brigadier General Mohammad Baker, director of the NTMC, confirmed that there were a “number of Telegram channels” involved in the incident, including one called BD CYBER GANG. However, this specific channel could not be identified.
If you have more information about this incident or similar incidents, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, via Telegram, Keybase, and Wire at @lorenzofb, or by email. You can also reach out to Zulkarnain Saer Khan on Signal at +36707723819 or on X at @ZulkarnainSaer. Alternatively, you can contact TechCrunch via SecureDrop.
According to Baker, it appears that the two agents shared the information with the administrator of at least one Telegram group, who then attempted to sell it. The two agents have been notified of the investigation, and their access to NIP has been suspended.
The Ministry of Home Affairs and the Anti-Terrorism Unit did not respond to requests for comments, while an operations officer at RAB 6 declined to comment. This incident follows previous cases of data exposure by the Bangladeshi government, including a leak of personal information found by security researcher Viktor Markopoulos.
While previous incidents were significant, this instance allegedly involving the ATU and RAB 6 agents is particularly concerning due to their supposed attempt to profit from their access to highly classified information. Despite ongoing investigations, sources within the government state that there are still officials who are offering to sell citizens’ data.
