Dark Web News Analysis
A threat actor on a known cybercrime forum is claiming to sell a database that they allege was stolen from Link3, a major IT and Internet Service Provider (ISP) in Bangladesh. According to the seller’s post, the database contains the records of 209,000 users, with a breach date of September 7, 2025. The purportedly compromised information is extensive, including full names, phone numbers, email addresses, usernames, passwords, and full addresses of employees and clients. The data is being offered for sale for $400.
This claim, if true, represents a national security incident of the highest severity for Bangladesh. The post highlights that Link3 is reportedly the only ISP connected to every bank in the country. A compromise of this central and critical infrastructure provider is a catastrophic supply chain threat. It could provide a malicious actor with a direct path to launch sophisticated attacks against the entire Bangladeshi financial sector, in addition to enabling mass fraud and identity theft against the ISP’s direct customers.
Key Cybersecurity Insights
This alleged data breach presents a critical and systemic threat:
- A Catastrophic Threat to the National Banking Sector: The most severe risk is the claim that Link3 is the sole provider of connectivity to all banks in Bangladesh. A compromise of this ISP could allow an attacker to monitor, intercept, or disrupt financial transactions on a national scale, or use their trusted position to attack the banks directly.
- High Risk of Widespread Credential Stuffing and Phishing: The alleged leak of passwords and contact details for over 200,000 users is a severe threat. This data will be immediately used for mass credential stuffing attacks and for highly targeted, localized phishing and smishing (SMS phishing) campaigns against Bangladeshi citizens.
- Compromise of Critical National Infrastructure: As a major national ISP, Link3 is a piece of critical infrastructure. A breach of its systems and customer data is a significant national security event that could be exploited by state-sponsored actors for espionage or widespread disruption.
Mitigation Strategies
In response to a threat of this magnitude, the government of Bangladesh, Link3, and the entire financial sector must take immediate and decisive action:
- Launch an Immediate National Emergency Investigation: The Bangladesh government, through its national cybersecurity incident response team (BGD e-GOV CIRT) and its central bank, must immediately launch a top-priority investigation to verify this extremely severe claim and assess the systemic risk.
- Proactive Communication to all Financial Institutions: Link3 has a critical responsibility to proactively notify all of its banking clients about the potential breach. These institutions must immediately heighten their own security posture, monitor for attacks originating from the ISP’s network, and take steps to protect their customer accounts.
- Mandate a Nationwide Security Overhaul: This incident, if confirmed, would be a monumental failure of critical infrastructure security. It must trigger a mandatory security audit of all major ISPs and financial institutions in Bangladesh. All Link3 users should be forced to reset their passwords, and Multi-Factor Authentication (MFA) should be mandated.
Secure Your Organization with Brinztech
As a cybersecurity provider, we can protect your business from the threats discussed here. Contact us to learn more about our services.
Questions or Feedback?
For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com