On September 9, 2025, the streets of Kathmandu and cities across Nepal were transformed by a force few had anticipated: the country’s Gen-Z, a generation raised in the shadow of chronic corruption, finally erupted in protest. What began as a movement for accountability quickly escalated into a nationwide reckoning, exposing both the fragility of Nepal’s public institutions and the resilience of its digital infrastructure. The aftermath has left Nepal facing not only the scars of burned buildings and looted offices, but also the invisible threat of stolen data and cyber insecurity—a challenge that could shape the nation’s future for years to come.
According to senior journalist Hari Bahadur Thapa, speaking at the MediaTalk series-xl (40) on November 30, 2025, the Gen-Z movement “has made Nepal’s deepening ‘state of capture’ more visible, exposing how powerful elites manipulate state institutions for personal benefit.” Thapa, an authority on parliamentary and accountability reporting, emphasized that “Nepal’s battle against corruption demands a clear understanding of its deep historical roots, a reality that today’s youth must confront as they push for systemic change.”
For many young Nepalis, the protests marked the first time they felt truly empowered to challenge a system that had long failed them. As reported by Republica, the demonstrations were “raw, emotional, and unrelenting, fueled not by political elites but by ordinary young Nepalis who refused to stay silent.” The movement was a breaking point, a collective demand for more than empty reforms and halfhearted promises. It was about rebuilding trust in institutions and proving that even in a small developing nation, people can stand up to entrenched corruption and be heard.
Yet, every revolution comes at a cost. The Gen-Z protests, which escalated into violence on September 9, left burned government buildings and smashed vehicles in their wake. The headlines focused on the visible destruction—arson, vandalism, and chaos—but as cyber investigator Limbu reported for the NAS-IT Cybersecurity Committee, the deeper damage spread quietly through server rooms, offices, and data centers. Stolen laptops, scorched hard drives, and looted storage media opened a new and dangerous front: one where cyber threats now replace tear gas, ransomware stands in for batons, and data theft becomes the weapon of choice.
Despite the flames that tore through Kathmandu, Nepal’s core IT systems demonstrated remarkable resilience. The Integrated Data Management Centre (IDMC), formerly the Government Integrated Data Center (GIDC), remained unharmed even as a neighboring building burned. Manish Bhattarai, head of the IDMC under the National Information Technology Centre, explained that both the Kathmandu facility and its disaster recovery site in Hetauda stayed safe. “The center hosts thousands of government websites and records, including finance, police, and national ID data,” Bhattarai noted. Officials warned that if the facility had been lost, “the country would have gone blank.”
Not all institutions were so fortunate. The Department of Transport Management (DoTM) central office in Minbhawan suffered a massive fire, destroying the license-printing machine and embossed number-plate plant, paralyzing core services. Department officials estimated losses at approximately NPR 120–150 million. Local servers at the Investment Board Nepal (IBN) were incinerated, though data survived at the main data center. The Commission for the Investigation of Abuse of Authority (CIAA) in Kathmandu and its regional offices were heavily looted and damaged, with digital equipment—including desktop computers, laptops, hard disks, scanners, cameras, iPads, and mobile phones—stolen alongside non-digital items and official vehicles.
The Supreme Court’s offices were not spared entirely, sustaining some damage during the protests. However, court officers confirmed that there was no major destruction of buildings or digital infrastructure, and they were preparing data recovery using existing digital backups. There have been no reports of unencrypted data being compromised from the court’s systems.
It was at the provincial and local government levels where the impact was most severe. More than 300 municipal and rural offices were torched or looted nationwide. In some cities, officials reported up to 95% destruction of municipal property and IT infrastructure, paralyzing essential services such as land records, tax collection, and permit issuance. One metropolitan area saw 26 of its 33 ward offices burned, with computers and files stolen before the fires. Smaller towns across multiple provinces experienced similar devastation, with at least 36 rural ward offices fully destroyed and another 25 partially damaged. The loss of paper archives, PCs, and local servers left many municipalities unable to function.
The private sector was not immune. Major internet service providers lost data centers to fire, taking services offline for days. Telecom operators faced vandalism at headquarters and regional offices, but core systems, switching, towers, and backbone links remained intact, allowing mobile service to continue nationwide. Some carriers even offered free calls and data during curfews to keep people connected. Retailers suffered as well, with fires destroying about 1,500 point-of-sale terminals in major supermarket chains.
Yet, perhaps the greatest risk lies in what was stolen, not what was destroyed. Devices taken from government offices, municipal branches, courts, and regulatory bodies were not just machines—they were live gateways. Many contained user credentials, VPN profiles, OAuth tokens, personally identifiable information, ID scans, tax and land records, employee directories, confidential government documents, and more. The potential for identity theft, fraud, account takeovers, phishing, national security breaches, and blackmail is immense. Criminal networks can rapidly exploit this data, selling it on dark-web markets and using it for targeted attacks or extortion.
Who stands to benefit from this digital chaos? The NAS-IT Cybersecurity Committee identified several threat actors: opportunistic criminals seeking quick profits, organized crime groups capable of running persistent fraud rings, hacktivist crews aiming for publicity and pressure, and state-sponsored actors who may exploit the situation for long-term intelligence collection or political leverage. The committee warns that the cycle of harm—fraud, extortion, and exposure of sensitive data—could persist for months or even years.
In response, the NAS-IT Cybersecurity Committee has issued a series of urgent recommendations. These include establishing a national cyber crisis team, prioritizing the identification and containment of data exposures, resetting government employee accounts, publishing records of stolen devices, continuous monitoring of leaked data, staff training against phishing, enforcing disk encryption and remote wipe capabilities, conducting data integrity audits, and migrating municipal workloads to a central government cloud with offline failover. The committee also calls for new legislation to hold agencies accountable for weak security controls and to require encryption by default.
As Fr. Dr. Augustine Thomas, S.J., principal of St. Xavier’s College, reflected, “When ideologies, social media noise, and vested interests grow louder, it becomes the duty of academicians to present a clearer picture from a fair and informed perspective. By focusing on how corruption affects our society and how accountability can improve public life, we help students see the issue with clarity and responsibility.”
Chun Bahadur Gurung, Faculty Lead of Journalism at St. Xavier’s College, added, “The people with ‘power and money’ hold all the cards. No matter how they made their fortune, they are respected and have greater influence in their communities. This severely harms good governance and the culture of accountability.”
The Gen-Z protests have left Nepal at a crossroads. The flames may be out, but the real fire now smolders in stolen credentials, compromised tokens, and looted records. Rebuilding offices is necessary, but it is not sufficient. Nepal must secure its digital foundations and act quickly to restore public trust, economic stability, and national security. The coming months will reveal whether the country can rise to meet this unprecedented challenge—and whether its youth can turn protest into lasting progress.
