The Nepal Police, the national law enforcement agency of Nepal, has allegedly become the victim of a significant data breach, with a large cache of sensitive information reportedly being offered for sale online. The Nepal Police, established in 1955, is a crucial institution responsible for maintaining law and order, investigating crimes, managing traffic, and leading disaster response operations under the Ministry of Home Affairs. The compromise of its data could have serious implications for national security and the privacy of individuals connected to the agency.
A threat actor is allegedly selling a 48 GB data dump purportedly originating from the Nepal Police website (www.nepalpolice.gov.np). The actor is demanding $15,000 for the information. The contents of the breach allegedly include a wide array of personally identifiable information and official records. This incident highlights the persistent threats faced by governmental organizations and the critical need for robust cybersecurity measures.
The compromised data allegedly includes:
- ID CARD ( FRONT/ BACK )
- FACE IMAGE
- SIGNATURE
- FIRST NAME
- LAST NAME
- GENDER
- AGE
- BIRTH YEAR
- ROLL NUMBER
- ADVERTISEMENT NUMBER
- CLASSIFICATION
- EXAM TITLE
- ADVERTISEMENT DATE
- EXAM CENTER
- CATEGORIES APPLIED UNDER
