Authorities in Pakistan have announced a high-level inquiry into reports that people’s personal details, including those of federal ministers and senior officials, are being sold online.
On the orders of Federal Interior Minister Mohsin Naqvi, a special team from the National Cyber Crime Investigation Agency (NCCIA) has been tasked to investigate, with a report expected within 14 days.
According to a press release issued by the Interior Ministry, the team will conduct a comprehensive assessment of the situation and identify those involved in the data leak, ensuring they are held accountable through legal action.
Reports say data for all SIM holders, including that of Interior Minister Naqvi, was even advertised for sale on Google.
The records span from federal ministers to Pakistan Telecommunication Authority (PTA) spokesmen and employees of various government departments.
Give the gift of hope
We practice what we preach:
accurate, fearless journalism. But we can't do it alone.
- On the ground in Gaza, Syria, Israel, Egypt, Pakistan, and more
- Our program trained more than 100 journalists
- Calling out fake news and reporting real facts
- On the ground in Gaza, Syria, Israel, Egypt, Pakistan, and more
- Our program trained more than 100 journalists
- Calling out fake news and reporting real facts
Join us.
Support The Media Line. Save democracy.
According to media reports, the data offered for sale includes the addresses of mobile SIM owners, call records, copies of national identity cards, and details of overseas travel.
Intelligence sources have warned that malicious actors could exploit such data to target individuals at a low cost.
Reports say dozens of websites were selling sensitive data at low prices: mobile location information for 500 rupees, mobile data records for 2,000 rupees, and overseas travel details for 5,000 rupees.
Citizens are advised to change their passwords, enable two-factor authentication, verify the SIMs registered under their National IDs, and report any suspicious activity to the cybercrime authorities.
A few months ago, Pakistan’s National Cyber Emergency Response Team (PKCERT) issued a warning that the login credentials and passwords of more than 180 million internet users in Pakistan had been stolen in a global data leak and urged people to take immediate security measures.
According to PKCERT reports, the leak exposed usernames, passwords, emails, and related URLs linked not only to major social media services but also to government portals, banking institutions, and healthcare platforms.
Highlighting the possible impacts of the breach, PKCERT warned that the stolen credentials could be used for account hijacking, identity theft, and unauthorized access to government portals or other sensitive sites.
It also advised the public to change their passwords at least once a year and to check for possible data leaks through trusted online services.
In March 2024, a Joint Investigation Team, established to investigate a data breach at the National Database and Registration Authority, informed the interior ministry that the personal credentials of nearly 2.7 million individuals had been exposed between 2019 and 2023.
Some digital media rights activists claim that they raised the issue with authorities last year but argue that agencies, including the PTA and the NCCIA, did not take action.