Data of 176 Million Pakistani Citizens Found For Sale On Dark Web

A new data dump has appeared online that includes key information about Pakistani citizens. Reportedly, the database up for sale now includes scraped data of 176 million Pakistani citizens’ communication details.

Pakistani Citizens Data For Sale

In a recent report, Hackread has disclosed a data dump on the dark web including details of 176 million Pakistani citizens.

This data put up for sale includes information about the users’ personal and communication details, including physical addresses.

Specifically, the database includes records of names, physical addresses, city, phone numbers, name of the telecom company to which the number belongs, national ID numbers (CNIC), IMSI numbers, activate dates, activate status, and biometric verification status.

Biometric verification is compulsory for all Pakistani citizens to have their SIM cards activated.

Analyzing the database reveals that the information may have been gathered after scraping, and is not a result of theft.

While the database only includes basic information, it may have potentially devastating results in the long run. That’s because verified numbers and CNIC are two key parameters in the country for the citizens to use major services.

Moreover, the easy availability of this information may also assist in other malicious activities such as SIM swapping, SMS phishing, identity theft scams, and more.

Malicious Android Apps Targeting Pakistan Users

Earlier this month, some malicious Android apps also caught attention that impersonated various legit apps meant for Pakistani citizens. However, the apps were actually spyware.

As revealed by Sophos, the major apps that the malware mimicked, included The Pakistan Citizen Portal, Registered SIMs Checker, Mobile Packages Pakistan TPL insurance, and Pakistan Salat Time – a Muslim prayer time app.

However, the malicious app versions didn’t appear on any legit app stores. Whereas, the legit apps continue to exist on the Google Play Store.

It is unclear if the scraped data has any connection with the Trojanized apps.

However, what’s clear is that Pakistani citizens should remain very about their data security. Especially, given the current cybersecurity status of the IT infrastructure in Pakistan and the vague cybersecurity regulations, paying attention to online security is crucial for all citizens.

Let us know your thoughts in the comments.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients