Personal information of the country's nearly 5.5 crore smart National Identity Card holders is now available in a Telegram channel, officials have acknowledged.
A Telegram bot provides people's names, gender, parents' names, phone numbers, addresses, photos, and other details when a 10-digit NID number is entered, many have said.
Mohammad Ashraf Hussain, system manager at the NID wing of the Election Commission, said he learned about the matter on Tuesday but had no idea who was behind the Telegram channel.
He added that it has been identified that information was being leaked through one of the 174 organizations that have access to the NID server.
"Appropriate action is being taken in this regard," he said but refused to name the organization.
"Organisations take information from the Election Commission for their portals. Sometimes, their portals have weaknesses and end up getting compromised," he added.
However, AKM Humayun Kabir, director general of the NID wing, said he was not aware of the matter, adding that the NID server is safe.
On June 7, TechCrunch, a San Francisco-based online publisher of start-up and technology industry news, reported that the personal information of about 5 million Bangladeshi nationals had been leaked from a government website.
Zunaid Ahmed Palak, the state minister for ICT, then said the leak happened through a breach in the server of the Office of the Registrar General.
The leaked data included names, phone numbers, email addresses, and national ID numbers of people.
Following that breach, ICT experts recommended that the EC keep round-the-clock surveillance on the organizations that avail services from the NID server.
They also suggested the EC conduct vulnerability assessments and penetration tests on the server at regular intervals to identify vulnerabilities.
Jahangir Alam, a resident of Mirpur who was aggrieved by the leak said that this leak of personal information was a threat to his personal safety.