Thursday, July 2, 2026
HomeNewsDigital Rights Advocates Urge AYA Bank to Protect Customers After Reported Data...

Digital Rights Advocates Urge AYA Bank to Protect Customers After Reported Data Breach

-

Digital rights advocates, including the Myanmar Internet Project (MIP), have urged AYA Bank to be transparent with its customers and implement emergency security measures after the bank was reportedly threatened by a hacker group.

According to MIP, the hacker group “lapsus$” claimed to have breached AYA Bank’s digital banking system at around 1:22 p.m. on June 26 and gained access to a large volume of customer data.

MIP’s analysis said up to 120 GB of data may have been compromised. The leaked information reportedly includes Personally Identifiable Information (PII) used when opening bank accounts, such as customers’ names, National Registration Card (NRC) numbers, dates of birth, phone numbers and residential addresses.

The hacker group also claimed that it would sell the stolen data if AYA Bank refused to pay a ransom.

MIP said the exposure of personal information cannot be resolved simply by changing passwords or replacing bank cards. It urged AYA Bank to provide long-term monitoring and protection for affected customers.

“It is not enough for the organization to announce that it is strengthening its cybersecurity. It must also implement concrete measures to protect customers,” an official from the Myanmar Internet Project said.

A business owner who uses AYA Bank said the bank had only posted a brief statement on its official social media pages saying it was enhancing security, without providing further information or directly notifying customers.

“There hasn’t been a rush of people withdrawing their money because of this. The bank hasn’t contacted customers with any special notification either. Everything is continuing as usual,” the customer said.

According to the report, the incident is not only a challenge for AYA Bank but also highlights broader weaknesses in the protection of personal data and digital systems used across Myanmar.

MIP also noted that Myanmar’s legal framework for protecting personal data remains weak, leaving people with limited legal safeguards or avenues to seek protection when their personal information is compromised.

Digital rights advocates further warned that the military junta’s ongoing National Database project could centralize citizens’ biometric data and other personal information in a single system. They said such databases could become attractive targets for hackers, increasing the risk of large-scale data breaches and significant harm if the information is exposed.

spot_img

Related articles

Stay Connected

29,362FansLike
0FollowersFollow
409FollowersFollow
40,200SubscribersSubscribe

Latest posts