A Turkish hacker group dumped a considerable amount of secured consumer data of three Bangladeshi commercial banks online on Tuesday, claiming they were able to obtain the information by breaching the banks' internal servers.
The three banks are Dutch-Bangla Bank Ltd (DBBL), City Bank Ltd, and Trust Bank Ltd, reports cybersecurity-focused news website Data Breach Today.
Links to the file archives containing data from the above-mentioned banks have been posted from a Twitter account, supposedly operated by Turkish hacking group Bozkurtlar (Grey Wolves).
The notorious hacker group rose to fame after leaking data tied to Qatar National Bank and UAE's InvestBank recently. Along with the Bangladeshi banks, it also leaked secured consumer data of two Nepalese banks – Business Universal Development Bank and Sanima Bank.
Cybersecurity analysts contacted by Data Breach Today said while the data in the newest leak appears genuine, the volume of data from these banks is relatively small. The file archives posted 312KB for the DBBL, 11.2MB for City Bank, and 95KB for the Trust Bank, respectively.
When contacted, DBBL's Deputy Managing Director Abul Kashem Md Shirin told the Dhaka Tribune that the bank usually makes a certain amount of data public on its website and the hackers leaked information that is already public.
He said the bank provided vendors some information for maintenance of ATMs and that information has been made public by the hackers.
“No confidential data of our bank has been leaked,” he told our reporter Jebun Nesa Alo.
Ishtiaque Ahmed Chowdhury, managing director and CEO of Trust Bank, said: “We can confirm that the leaked data does not match that of our clients. Our bank is completely protected and the system was not hacked.”
City Bank's Additional Managing Director Mashrur Arefin said the leaked information was marketing data.
“We did not find any data from our server there and there was no trace of our system being hacked,” he added.
According to the Data Breach Today's preliminary analysis, the scope of the data varies widely. Quoting some researchers, the website says the leaked data shows that each of the zip files contains at least some customer information or account credentials.
Although another independent researcher, who requested anonymity, told the news website that the data posted for each of the banks appears to be old – the latest being from the City Bank dates to August 2015. This, he said, raises a question about whether the leaks are the result of recent breaches, as claimed by Bozkurtlar, or if the group has simple aggregated data from older incidents and posted it.
Quoting a security engineer, who was able to conduct some initial forensic tests on the breach, the news website reported that the data points to a “webshell” upload being used at the DBBL and Sanima Bank of Nepal.
A webshell is a piece of code uploaded to a server or computer, allowing attackers to gain access, escalate privileges as admin/root and control the entire system. It can also be used to extract the entire information stored in the system, explains Data Breach Today.
Thursday, June 04, 2026
