Authorities of the popular retail chain Shwapno have filed a general diary (GD) with the police seven months after the company’s customer database was hacked, with attackers demanding $1.5 million to prevent the release of stolen data.
Md Masum Billah, head of administration and crisis management at ACI Logistics Limited, lodged the GD on behalf of Shwapno at Tejgaon Industrial Area Police Station in Dhaka last night (28 March).
Confirming the development, Officer-in-Charge (OC) Mahmudur Rahman told The Business Standard that necessary steps are being taken in this regard.
When asked why legal action was taken seven months after the breach, Masum told TBS that at the time of the incident, the technical team had assured management that the data had been recovered and there was no issue, which is why no legal steps were initially taken.
“However, after learning last Friday that the data had been leaked on the dark web, we immediately sought assistance from law enforcement agencies,” Masum said.
He also confirmed that the company has taken all necessary measures to protect and secure customer databases and is working closely with the Counter Terrorism and Transnational Crime (CTTC) unit and the police’s cyber team.
The GD names the international cybercrime organisation known as the “Qilin” ransomware group, the hacker group “LockBit 5.0”, and other unidentified cybercriminals as the accused.
According to the GD, prior to August last year, the Qilin ransomware group, LockBit 5.0, and other unidentified cybercriminals sent a malicious phishing link to the official emails of Shwapno employees.
Some employees clicked on the link, allowing malware to infiltrate the organisation’s network.
On 19 August at around 2pm, computers at the ACI Logistics Limited head office in Tejgaon suddenly became inoperable, followed by a message from the “Qilin” ransomware group.
The hackers demanded $1.5 million in exchange for not leaking the data, setting a 10-day deadline and threatening to release the information otherwise.
The GD further stated that immediately after the incident, Shwapno’s MIS (Management Information System) team disconnected internet access, inspected all devices, removed the malware, and strengthened security measures.
Approximately seven months later, on 17 March, the criminal group leaked over 410 GB of Shwapno’s data on the dark web via the LockBit 5.0 portal.
The leaked data included highly sensitive information such as customer personal details (names and phone numbers), supplier information (companies and individuals), contract documents, daily sales and bank deposit records, outlet-wise wastage and stock loss data, detailed product information, HR and administrative documents, outlet lists and contact details, internal policies, banking-related contact information, inventory and audit reports, and employees’ personal records.
The GD added that this breach poses a significant risk of financial, commercial, and reputational damage for Shwapno.
The hackers made customer data publicly accessible on the dark web, and it has also circulated on social media, further increasing the potential harm.
