Srilanka, April 13 -- Amajor Sri Lankan bank is facing public scrutiny and regulatory questions after a catastrophic cybersecurity breach exposed more than 1.9 terabytes of data, over one million files, containing highly sensitive personal and internal information.

The breach, reportedly orchestrated by the ransomware group Hunters International, included National Identity Card (NIC) scans, phone numbers, bank account details, specimen signatures, and internal audit documents. Most alarmingly, the leak also included videos from Know Your Customer (KYC) onboarding sessions, showing customers displaying full IDs and reading out personal information.

The breach first surfaced publicly on March 20 through a social media post. Over the foll...