Personal Data Of 115m Pakistanis For Sale

Leading Pakistani cyber security company Rewterz has discovered a massive data dump containing information of 115 million Pakistani mobile phone users that is now for sale on the dark web.The cyber-criminal, who is a VIP member of the dark web forum where the advertisement has been placed, has set the asking price for this data dump at 300 Bitcoins equivalent to around $2.1 million. 

Rewterz’s Threat Intelligence team has analysed some of the samples from the telecom database up for sale and the data includes personal information of the users such as names, contact numbers, residential addresses, National Identity Card numbers and Tax Code Identity Numbers. ​

With a total popultaion of 220 million, the stolen data equates to the contact information for every adult in the nation.

The firm added that the cyber-criminal offering the data dump for sale is a VIP member of the dark web forum where the ad has been posted. “Database is freshly hacked this week. That data was still being updated as I took the data down. Beautifully organised in a CSV with headers for your pleasure." the dark wed advertisement states.

Rewertz think that this data could be an outcome of multiple breaches or of a single breach of one or more mobile operators, although the given the sheer number of users suggests it is likely to be from more than one of the major service providers. 

None of the telecom operators immediately notified their customers that their data has been compromised. This could be because  the companies are unaware of the breach, the data is actually old or that they have deliberately chosen to keep their customers in the dark.

Rewertz researchers suggest that Pakistani organisations with outdated cyber security infrastructure have become an easy target of these actors and that some of the data may date from 2014.

Financially motivated threat actors are active in Pakistan and organisations with outdated cyber security infrastructure have become an easy target and if the data leak is new, it will raise serious questions on the protocols telecom companies are following regarding data security and privacy.

Rewterz:      ProPakistani:       Global Village:     TechJuice:        BusinessRecorder:

You Might Also Read:

35 Million 2018 US Voter Records For Sale:

 

 

 

 

« Big Tech Benefits From COVID-19
Pandemic: 'Normal' Crime Drops While Cyber Crime Jumps »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

WEBINAR: How To Build And Implement An Effective Endpoint Detection And Response Strategy

WEBINAR: How To Build And Implement An Effective Endpoint Detection And Response Strategy

Join this webinar to learn how the cloud threat landscape is evolving and organizations are deploying more advanced and capable security controls at scale.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

UK Cyber Week Expo & Conference

UK Cyber Week Expo & Conference

Award-winning event organiser ROAR B2B announces the launch of UK Cyber Week and its inaugural event on 4 and 5 April 2023 at the Business Design Centre, London.

Paessler

Paessler

Paessler is a leading worldwide provider of network monitoring software.

Nutanix

Nutanix

The Nutanix enterprise cloud platform provides performance, robust security, and seamless application mobility for a broad range of enterprise applications.

Insta Group

Insta Group

Insta are a trusted cyber security partner for security-critical companies and organizations.

Yokogawa Electric

Yokogawa Electric

Yokogawa is an electrical engineering company providing measurement, control, and information technologies including industrial cyber security.

Ponemon Institute

Ponemon Institute

Ponemon Institute conducts independent research on data protection and emerging information technologies.

Zighra

Zighra

Zighra is a leading provider of On-Device AI solutions for continuous authentication and fraud detection on mobile and web applications.

Cowbell Cyber

Cowbell Cyber

Cowbell Cyber™ offers continuous risk assessment, comprehensive cyber liability coverage, and continuous underwriting through an AI-powered platform.

TechStak

TechStak

TechStak is the easiest way for businesses to find and connect with IT Pros and other technology solution providers in their area.

Griffeshield

Griffeshield

Griffeshield is a company specialised in new information technologies used to protect Intellectual Property.

Deepnet Security

Deepnet Security

Deepnet Security is a leading vendor in Multi-Factor Authentication (MFA) and Identity & Access Management (IAM).

DisruptOps

DisruptOps

Built for today’s cloud-scale enterprises, DisruptOps’ Cloud Detection and Response platform automates assessment and remediation procedures of critical cloud security issues.

Onevinn

Onevinn

Onevinn's goal is to create a transparent, cost-effective security that is noticed as little as possible by the users. We simply call it "intelligent security."

Critical Insight

Critical Insight

Critical Insight provide Managed Detection and Response, Vulnerability Detection, and Cyber Security Consulting Services to help you secure your mission-critical systems.

Davinsi Labs

Davinsi Labs

Davinsi Labs helps companies achieve Digital Service Excellence with specialized Security Intelligence and Service Intelligence solutions.

Cranium

Cranium

Cranium are an international consultancy organisation specialised in privacy, security and data management.

Theos Cyber Solutions

Theos Cyber Solutions

Theos Cyber provides service-first cybersecurity solutions to digital businesses in Asia.