Dark web is full of illegal activities from hiring, selling, illicit content to data dumps – you can search and find any imaginable fraudulent activity here. In one of the recent data breach news involving the Dark Web is the leak of Pakistani mobile users data with up to 115 million PII (personally identifiable information) records.
This information came to light a few weeks back in April, 2020 from a Pakistani cybersecurity firm Rewterz, who discovered this dump on an undisclosed site on the dark web. Interestingly, the cyberattacker had intended to sell the 115 million Pakistani user records, with a minimum bid starting at 300 bitcoins (approximately 1.2 Million US Dollars). One of the USPs this text advertisement featured was the clean and organized csv format of the end-product. Take a look at the snapshot of the ad:
Who is Responsible for the Pakistani Data Breach?
Nothing substantial is known about the hacker. Even after much investigation, his name and identity remain hidden. All that can be certainly concluded is that this wasn’t their first data breach, as they seemed professional in how they approached the public broadcast. Moreover, these threat actors also held a premium account on the advertised hacker forum.
Cybersecurity experts are suspecting that the breach wasn’t on one telecom industry, but rather multi-organizational cyberattacks spread over a long period of time. Although, majority of the entries were from Jazz mobile network (formerly known as Mobilink)
Pakistani Data Dump - What it Contained?
According to the cyber attacker’s ad notice and a ZDNet report, the 115 million user dump included both individual citizens and local companies. Many data sets were verified through digital records or personal calls, and were further identified as a) Personally Identifiable Information and b) Telephony Related Information.
To get better picture of what information was leaked and potentially misused, let’s look into the CSV format column details:
- Customer ID and Full Name
- CNIC (Computerised National Identity Card) Number
- National Tax Number
- Detailed Address (with House No, Area, City, State, etc.)
- Mobile and Landline phone numbers
- Activation Dates and Status
Concerns Regarding the Millions of Pakistani Mobile Users Data Leak
A big chunk of Pakistani population will be influenced by this breach, with a number of possible misapplications of the data. The matter was immediately taken under investigation by the Federal Investigation Agency (FIA) and Pakistan Telecommunication Authority (PTA). But even a month later, no significant breakthroughs, updates or recoveries have been made.
#Pakistan is investigating the authenticity of a #Dubai-based cyber security company @rewterz report that claims the personal data of 115 million Pakistani mobile users is up for sale on #DarkWeb for $2.1m || @PTAofficialpk https://t.co/4IzVWaBxa8
— Arab News Pakistan (@arabnewspk) April 13, 2020
Deep analysis by cyber-researchers exposed that the telephone-subscription dates in the records date back upto 2013, which could mean that the attackers were sitting on this data since then, and allegedly could have exploited it.
Some fingers have also been pointed towards Jazz Mobile Company, but without tangible proof, it is still unclear to say who is to blame - the mobile operators, telemarketing firms or government organizations themselves.
Who would you put this responsibility on – The hackers or the companies who possibly couldn't secure their servers.
