May 6, 2020

115 Million Pakistani User Data Leaked on Dark Web | Data Dump Details & Full Report

Pakistani mobile users' PII has been leaked and put up for sale on the Dark Web for $1.2 million, putting sensitive personal citizen information at risk. See what the government and targeted telecom companies have to say.


The Dark Web is full of illegal activity, from hiring and selling to illicit content and data dumps; you can search for and find almost any imaginable fraudulent activity there. One of the recent data breach stories involving the Dark Web is the leak of Pakistani mobile users' data, with up to 115 million PII (personally identifiable information) records.

This information came to light a few weeks back, in April 2020, from the Pakistani cybersecurity firm Rewterz, which discovered the dump on an undisclosed site on the dark web. Interestingly, the cyberattacker intended to sell the 115 million Pakistani user records, with a minimum bid starting at 300 bitcoins (approximately 1.2 million US dollars). One of the USPs featured in the text advertisement was the clean and organized CSV format of the end product. Take a look at the snapshot of the ad:

[Image: Pakistani data leak]

Who is Responsible for the Pakistani Data Breach?

Nothing substantial is known about the hacker. Even after much investigation, their name and identity remain hidden. All that can be concluded with certainty is that this wasn't their first data breach, as they seemed professional in how they approached the public broadcast. Moreover, these threat actors also held a premium account on the advertised hacker forum.

Cybersecurity experts suspect that the breach did not hit a single telecom company, but was rather a series of multi-organizational cyberattacks spread over a long period of time. The majority of the entries, however, were from the Jazz mobile network (formerly known as Mobilink).

Pakistani Data Dump - What it Contained?

According to the cyber attacker’s ad notice and a ZDNet report, the 115 million user dump included both individual citizens and local companies. Many data sets were verified through digital records or personal calls, and were further identified as a) Personally Identifiable Information and b) Telephony Related Information.

To get a better picture of what information was leaked and potentially misused, let's look at the CSV column details:

  • Customer ID and Full Name
  • CNIC (Computerised National Identity Card) Number
  • National Tax Number
  • Detailed Address (with House No, Area, City, State, etc.)
  • Mobile and Landline phone numbers
  • Activation Dates and Status

[Image: Pakistani user data dump. Source: ZDNet]

Concerns Regarding the Millions of Pakistani Mobile Users Data Leak

A large share of Pakistan's population will be affected by this breach, and the data could be misused in a number of ways. The matter was immediately taken under investigation by the Federal Investigation Agency (FIA) and the Pakistan Telecommunication Authority (PTA). But even a month later, no significant breakthroughs, updates or recoveries have been made.

Deep analysis by cyber-researchers revealed that the telephone-subscription dates in the records date back up to 2013, which could mean that the attackers had been sitting on this data since then and, allegedly, could have exploited it.

Some fingers have also been pointed at Jazz Mobile Company, but without tangible proof it is still unclear who is to blame: the mobile operators, telemarketing firms or government organizations themselves.

Who would you put this responsibility on: the hackers, or the companies that possibly couldn't secure their servers?

To read the official update from Rewterz, click here.