Data of thousands Pakistani citizens sold on Dark Web platforms
Learn More
A significant data breach is being investigated in Pakistan. The incident has exposed sensitive personal information of thousands of citizens, and compromised data is being sold across multiple dark web platforms.
The incident was publicized through investigative reporting by Express News. The cause of the attack has not been disclosed by authorities. The scale and nature of the breach suggests structured attack targeting multiple telecommunications and government databases.
The data soldn on the dark web includes:
- Mobile SIM owners' addresses and connection details
- Call logs and detailed mobile data records
- Copies of national identity cards (CNICs)
- International travel details and foreign trip records
- Mobile phone location data
- Information linked to International Mobile Equipment Identity (IMEI) numbers
The number of affected individuals has not been disclosed, but reports mention "thousands" of Pakistani nationals, from high-ranking government officials to ordinary citizens.
Interior Minister Mohsin Naqvi has ordered an investigation following the public exposure of the breach.
In May 2024, the National Cyber Emergency Response Team (PKCERT) warned that login credentials and passwords of more than 180 million internet users in Pakistan had been stolen in a global data breach involving infostealer malware. Additionally, a Joint Investigation Team formed to probe a data leak from the National Database and Registration Authority (NADRA) reported that credentials of 2.7 million Pakistani citizens had been compromised between 2019 and 2023.
