
A major technical failure at Election Commission (EC) website on Saturday exposed the sensitive personal data of approximately 14,000 journalists.
The leaked data included National ID (NID) numbers, mobile phone numbers, and full application copies of media professionals who had registered online for accreditation cards and vehicle stickers ahead of the upcoming 13th National Parliamentary Election and national referendum.
The breach occurred via the EC’s dedicated portal, pr.ecs.gov.bd, which had been launched to modernize the accreditation process.
On Saturday afternoon around 4:00 PM, users found that logging into the site immediately displayed a comprehensive list of all applicants on the home page. The system allowed anyone to access and open full application files, revealing private contact details and identification numbers.
However, access to the website was disabled shortly after the vulnerability was discovered.
The EC Public Relations wing had initially made digital applications mandatory, requiring journalists to provide NIDs, email addresses, and mobile numbers verified via One-Time Passwords (OTP). However, after facing intense protests and an ultimatum from the Election Commission beat reporters, Chief Election Commissioner (CEC) A.M.M. Nasir Uddin withdrew the mandatory online requirement last Thursday, reverting to the traditional manual application method.
Responding to the leak, Md. Ruhul Amin Mallick, Director of EC’s Public Relations wing, stated that the online system had supposedly been deactivated on Friday. "We are investigating how it became accessible today," Mallick said.
He later clarified that the official responsible for site administration had briefly opened the portal on Saturday afternoon, leading to the public exposure of the data. He confirmed that the website has since been taken offline to prevent further unauthorized access.