Name, CNIC and address of 115 million Pakistanis is up for sale on the dark web
No telecom company has disclosed the news of information breach to its customers, which raises serious questions about their data security.
A Pakistani cybersecurity company has come across data dumping which contained information of over 115 million mobile phone users. The information was up for sale on the dark web.
The cybercriminal is a VIP member of the dark web forum and set the price for the data dump at 300 Bitcoins (BTC) or $2.1 million.
According to the advertisement description, the telecom database was hacked this week.
‘’The Database has been freshly hacked this week. This data was still being updated as I took the data down. Beautifully organized in as CSV with headers for your pleasure’’, the hacker wrote on the dark web.
Rewterz’s Threat Intelligence team analyzed samples from the telecom database up for sale. The data included personal information of users such as contact numbers, residential addresses, NTN numbers, names, and CNIC numbers.
The Threat Intelligence team noticed that threats like these are common in Pakistan and organizations have an outdated cybersecurity infrastructure which is why they become an easy target for these hackers.
The team further noted that there is a chance that more telecom companies may also have their data compromised. It is unsure whether this data has been stolen as a result of a single breach or multiple breaches over time.
The latest data is from 2014 and none of the latest number schemes are mentioned.
Up till now, no telecom company has disclosed the news of information breach to its customers, which raises serious questions about their data security. It is possible that the companies have no idea about the breach or have chosen to keep their customers in the ‘dark’.
What are your views on this? Share in the comments bar below.