History of Data Breach in Nepal!

In a time where technology has found a way to replace almost everything, digitization has been widely adopted and in use. Although at different rates of speed, everyone has been exploring and finding ways to do things online globally. But, with all our information in a cloud or on the internet, it poses a big question mark on their safety. Is our data safe?

Well, like almost everything has a loophole, the info online is also not always safe. And yes there are events of data breach time and again.

In Nepal, the data breach has been quite more frequent lately. 


The data breach comes under one of the common and dangerous risks of the internet. Technically it means sensitive & confidential information getting released or exposed intentionally or unintentionally. Generally, data breaches take place due to cybercriminals who can infiltrate a data source and expose data. They can do so physically, by stealing laptops, hard drives, or electronically through unethical hacking. 

data breach

Data breach in Nepal

The data breach in Nepal has become quite a topic these days.

One of the earliest cases of a data breach in Nepal was in 2013. Then police arrested Naresh Lamgade for hacking into accounts of Nabil Bank’s customers. He did so by creating a fake website of the bank. He sent out links to change passwords to the consumers. And whoever clicked on them exposed their private banking details and passwords. Later on, the users of Nepal Investment Bank and Bank of Asia in Nepal also experienced a similar case. 

Another major data breach in Nepal was in 2017 when NIC Asia bank also got under attack. Hackers initiated $4.4 million through the interbank messaging app SWIFT. The hackers transferred money to six different accounts in six different countries. However, immediately through the suspicious transaction, the NIC Asia Bank was able to recover $3.9 million. But the rest was already released to the overseas bank.

Another large data breach in Nepal was when Vianet was hacked. In 2020 Vianet, one of Nepal’s popular ISP got hacked and the information of 1,70,000 customers got released. The hacker entered through a bug found in the system. The users’ names, numbers, and emails were completely exposed. Although the passwords were not leaked it was advised to change them immediately.

Also Read: Get Paid From Hacking!

In 2020 again, another major platform got hacked. Foodmandu the online food delivery service saw unauthorized access to customer data. The hacker uploaded all the information of 50 thousand foodmandu users on their Twitter account! The hacker wrote he was tired of Nepalese companies neglecting their security vulnerabilities. And he was teaching lessons with this hack. 

Not only these, last week only another major data breach happened in Nepal. This time the victim was National Cooperative Bank Limited. The hacker uploaded the leaked data on the raid forums to download for anyone who needs it.

These are only some representative cases that Nepal has seen recently. As the hacker itself expressed that the companies and businesses are neglecting security, there is a dire need for this to change. 

Since every detail of a person is online, information as sensitive as numbers and banking details should be protected way more strongly than it is. These recent breaches in Nepal do indeed teach the importance and urgency to strengthen security. 

Cases around the world

The data breach has unfortunately been a common danger all over. Not only in Nepal, but many top companies have also faced these problems throughout the years.


In March of 2018, it became public that the personal information of more than a billion Indian citizens stored in the world’s largest biometric database could be bought online.

This massive data breach was the result of a data leak on a system run by a state-owned utility company. The breach allowed access to private information of Aadhaar holders, exposing their names, their unique 12-digit identity numbers, and their bank details.

It is one of the biggest breaches because it exposed 1.1 billion people’s personal information.


Facebook data breach which happened in 2019 created a big spur in all media. Since it is one of the most used social media platforms, their data breach meant a lot of people’s information. To be exact 540 million! All its user’s messages, information, pictures, and videos were exposed.

Marriott/ Starwood

In 2018 hotel Marriott announced that approximately 500 million of its users’ information got hacked. Hackers had gotten into the Starwood system and reached all their customer’s information. Besides the hackers had remained in their system for 2 years! The kind of sensitive information exposed was the name, number, passport number, email & address. 


In 2013 Yahoo disclosed that their system was hacked. And the hackers stole about 1 billion of its users’ information. They encouraged its users to change the security question and passwords. Yet, by 2017 the estimate was about 3 billion accounts! Making it another one of the biggest data breach cases globally.


In May 2019, Canva, the online graphic design tool was also a victim of a data breach. Information of 137 million users was exposed. Canva promotes its users to change their passwords and OAuth tokens. 

It’s almost shocking to see that almost every major application or platform has been a target for the data breach. Data breaches in Nepal as well as in the world seem to be happening more frequently and exposing more and more of users’ information. 

The user seems not to be too affected by all these breaches but that is because they do not know what these people will be doing with their information. It is only because we are not facing the consequences, that we are not much worried. We do not know what the hackers intend to do with our information. 

Nevertheless, users, as well as major companies, should tighten security regarding sensitive information. Digital security can not be overlooked any longer. 

Leave a Reply

Your email address will not be published. Required fields are marked *