Saturday Jun 15, 2024
Saturday Jun 15, 2024

Have data breaches become common in Nepal?

Numerous instances of data breaches in the country raises serious questions on the country's data security

2022 May 08, 7:14, Kathmandu
Photo : Representative image/flickr

With the incidents of data breaches around the globe and in Nepal, it has become extremely important to protect our information  in an evolving digital world. Maintaining data security has become more important than ever for businesses and organizations to operate in the digital space, without facing financial loss and reputational harm.

The incidents of hacking are posing a severe threat to Nepal’s cyberspace and data security. On the 27th of June 2017, the Department of Passport got hacked. Hackers then threatened the Government of Nepal to reveal the government's data. Similarly, On the 25th of July, 2017, 58 government websites were reportedly hacked simultaneously by a group of hackers called ‘Paradox Cyber Ghost’.

Additionally, on the 8th of April 2020, the information system of a popular internet service provider in Nepal, Vianet, got hacked. The incident resulted in the leak of data of 160,000 customers of Vianet Communication. A person with  the Twitter handle, @paapi_kto_mah, publicized the customers’ data. Food delivery services like Foodmandu, have also been attacked by hackers, the data of their customers, including mailing addresses, email addresses and phone numbers  was dumped.

On the matter, the Chief Technology Officer and co - founder of Cryptogen Nepal says, “ Ethical hacking is very important for business and organizations as their information systems have sensitive information stored in them which the hacker can misuse.” Cryptogen Nepal provides dynamic cyber security services to make businesses and organizations resilient for data breaches.

Photo : Representative image/ wikimedia commons
Photo : Representative image/ wikimedia commons

Lawfully identifying weakness on information systems in order to further solidify the system is known as ethical hacking. Ethical hacking courses are highly sought after these days in the IT sector with many training institutions in Nepal providing credit courses on ethical hacking. As hacking information systems is rampant in the new digital era, ethical hacking is a profitable profession. Businesses across Nepal are now recruiting ethical hackers in order to ensure their data safety. Certified ethical hackers work as Information Security Expert, Networking Security Professional, Information System (IS) Auditors and System Administrators in government and non - government organizations.

With the democratization of technology, cyberspace has become a place where users fall prey to financial scams, information theft and blackmailing. Instances of personal social media handles being hacked is also prevalent in Nepal. To hold cyber criminals accountable, the Nepal Police established a cyber-bureau on June 10, 2018. It is located in Bhotahiti, Kathmandu.

Citizens who reside in the valley pay a visit to the bureau to file a complaint whereas those residing outside do it via mail or an in-person visit to the local police station. The bureau receives many cases related to character assassination and defamation mostly through social media platforms.

Suyash Nepal, a cyber security engineer at Nepal’s leading cyber security enterprise ThreatNix, says, “There is still little awareness in the general public about maintaining cyber security. However, in the corporate world, people are undeniably concerned about their companies' data security."

Setting an easy and repeated password for multiple online platforms increases the vulnerability of the person to get their accounts hacked and manipulated against their will. Moreover, the use of pirated software, hardware or application also plays a major role in increasing one’s susceptibility to fall victim to invasion of privacy and data theft. Inspector Raj Kumar Khadgi at the cyber bureau recommends not making one’s social media profile public and consulting the cyber bureau for help if anything wrong happens. Hiding or deleting one’s account after an unwanted incident makes the culprit stronger, according to him. However, in the case of internet service providers who themselves use customer data itself, “ The proper monitoring of data usage in Nepal lacks, in the case of internet service providers using customer data.” says Chief Technology Officer of  Cryptogen Nepal, Nirmal Dahal.

Photo : Representative image/ pixabay
Photo : Representative image/ pixabay

New delivery channels such as ATM, internet banking, mobile banking increases the risk of financial loss and electronic frauds. In order to manage IT related risks the Nepal Rastra Bank has set Information Technology Guidelines which all banks operating in Nepal are obliged to follow. According to it, all banks in Nepal should have a board approved IT related strategy and policy and it should be reviewed at least annually. Band banks should designate a senior official of the bank as Information Security Officer (ISO) who will be responsible for enforcing information security policy of the bank. The government of Nepal, has also recommended to deploy a strong cryptography and end-to-end encryption to protect customer PINs, passwords and other sensitive data in the bank network.

 “ To be very honest, only the banks in Nepal, make IT audits as the Government of Nepal, has issued IT guidelines which obliges them to protect their information systems, but the fact is other organizations like health institutions also have sensitive data of customers stored in them but they hesitate to make similar audits in order to save money.” Nirmal Dahal, the Chief Technology Officer of Cryptogen Nepal concludes.


Hacking data security in Nepal IT Audits social media
Nepal's First Online News Portal
Published by Nepalnews Pvt Ltd
Editor: Raju Silwal
Information Department Registration No. 1505 / 076-77


Kathmandu, Nepal,


[email protected]

Terms of Use Disclaimer
© NepalNews. 2021 All rights reserved. | Nepal's First News Portal