A threat actor has allegedly put a database containing over one million records from the Bangladesh Road Transport Authority (BRTA) up for sale on a dark web forum. The BRTA is the government body responsible for regulating the road transport sector, issuing driving licenses, and registering vehicles throughout Bangladesh. The agency, which operates under the Ministry of Road Transport and Bridges, is fundamental to the nation’s transportation infrastructure, holding sensitive data on millions of citizens and vehicles.
The seller posted the database for sale earlier today, claiming it contains 1,008,506 unique records with a breach date of July 31, 2025. The data, priced at $1200, allegedly includes a vast amount of personally identifiable information (PII). A sample of the data was provided in the listing to demonstrate its authenticity. The exposure of such information could lead to widespread identity theft, targeted phishing attacks, and other malicious activities against the individuals whose data has been compromised.
According to the forum post, the compromised database includes the following sensitive details:
- Username
- National ID (NID) Number
- Date of Birth
- Father’s Name (in Bangla and English)
- Mother’s Name
- Passport Number
- Contact Number
- Email Address
- Full address details including Village, Road, District, Thana, and Post Code
