Personal Data Of 115m Pakistanis For Sale

Uploaded on 2020-04-17 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Leading Pakistani cyber security company Rewterz has discovered a massive data dump containing information of 115 million Pakistani mobile phone users that is now for sale on the dark web.The cyber-criminal, who is a VIP member of the dark web forum where the advertisement has been placed, has set the asking price for this data dump at 300 Bitcoins equivalent to around $2.1 million. 

Rewterz’s Threat Intelligence team has analysed some of the samples from the telecom database up for sale and the data includes personal information of the users such as names, contact numbers, residential addresses, National Identity Card numbers and Tax Code Identity Numbers. ​

With a total popultaion of 220 million, the stolen data equates to the contact information for every adult in the nation.

The firm added that the cyber-criminal offering the data dump for sale is a VIP member of the dark web forum where the ad has been posted. “Database is freshly hacked this week. That data was still being updated as I took the data down. Beautifully organised in a CSV with headers for your pleasure." the dark wed advertisement states.

Rewertz think that this data could be an outcome of multiple breaches or of a single breach of one or more mobile operators, although the given the sheer number of users suggests it is likely to be from more than one of the major service providers. 

None of the telecom operators immediately notified their customers that their data has been compromised. This could be because  the companies are unaware of the breach, the data is actually old or that they have deliberately chosen to keep their customers in the dark.

Rewertz researchers suggest that Pakistani organisations with outdated cyber security infrastructure have become an easy target of these actors and that some of the data may date from 2014.

Financially motivated threat actors are active in Pakistan and organisations with outdated cyber security infrastructure have become an easy target and if the data leak is new, it will raise serious questions on the protocols telecom companies are following regarding data security and privacy.

Rewterz:      ProPakistani:       Global Village:     TechJuice:        BusinessRecorder:

You Might Also Read:

35 Million 2018 US Voter Records For Sale:

 

 

 

 

« Big Tech Benefits From COVID-19
Pandemic: 'Normal' Crime Drops While Cyber Crime Jumps »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Panzura

Panzura

Panzura optimizes enterprise data storage management and distribution in the cloud, making cloud storage simple and secure.

Foundation Futuristic Technologies (FFT)

Foundation Futuristic Technologies (FFT)

FFT is a global leader in computer forensics and digital investigation solutions.

Physec

Physec

Physec offers innovative security products and solutions for the Internet of Things ecosystem.

Baffin Bay Networks

Baffin Bay Networks

Baffin Bay Networks operates globally distributed Threat Protection Centers™, offering DDoS protection, Web Application Protection and Threat Inspection.

Cyber Physical Security Research Center (CPSEC)

Cyber Physical Security Research Center (CPSEC)

CPSEC aims to contribute to the security enhancement of industrial infrastructure that creates value across cyber space and physical space.

eLearnSecurity

eLearnSecurity

eLearnSecurity is an innovator in the IT Security training market providing quality online courses paired with highly practical virtual labs.

Concordium

Concordium

Concordium aims to build the world’s leading open-source, permissionless, and decentralized blockchain with built-in user identity at the protocol level.

Krypsis

Krypsis

Krypsys is an information security company with a focus on helping you defend your information and data against emerging security threats.

Neosecure

Neosecure

NeoSecure is a specialist Cybersecurity Solutions and Managed Services provider in Latin America.

TekSek Cyber Security

TekSek Cyber Security

Preparing you for tomorrow's security threats.

DataExpert Singapore

DataExpert Singapore

DataExpert Singapore provide solutions and services in the areas of Digital Forensics, Data Recovery, Data Duplication, Data Degaussing & Wiping, Data Destruction, and IT Disposal.

Cirosec

Cirosec

Cirosec is a specialized company with a focus on information security. We carry out pentests & audits and advise our customers in the German-speaking countries on information and IT security issues.

HighGround

HighGround

HighGround offer a Cyber Security Solution for everybody, regardless of skillset, to feel empowered in their security experience in reaching Cyber Resilience.

Keytos

Keytos

Keytos has revolutionized the Identity Management and PKI industry by creating cryptographic tools that allow you to go password-less by making security transparent to the user.

BreachBits

BreachBits

BreachBits are on a mission to deliver world-class cyber risk insights continuously at scale in situations where knowing the true risk truly matters.

Bureau

Bureau

Bureau is a no-code, identity decisioning platform that offers businesses the complete range of risk, compliance and ongoing fraud monitoring solutions innovated with AI.