Personal Data Of 115m Pakistanis For Sale

Leading Pakistani cyber security company Rewterz has discovered a massive data dump containing information of 115 million Pakistani mobile phone users that is now for sale on the dark web.The cyber-criminal, who is a VIP member of the dark web forum where the advertisement has been placed, has set the asking price for this data dump at 300 Bitcoins equivalent to around $2.1 million. 

Rewterz’s Threat Intelligence team has analysed some of the samples from the telecom database up for sale and the data includes personal information of the users such as names, contact numbers, residential addresses, National Identity Card numbers and Tax Code Identity Numbers. ​

With a total popultaion of 220 million, the stolen data equates to the contact information for every adult in the nation.

The firm added that the cyber-criminal offering the data dump for sale is a VIP member of the dark web forum where the ad has been posted. “Database is freshly hacked this week. That data was still being updated as I took the data down. Beautifully organised in a CSV with headers for your pleasure." the dark wed advertisement states.

Rewertz think that this data could be an outcome of multiple breaches or of a single breach of one or more mobile operators, although the given the sheer number of users suggests it is likely to be from more than one of the major service providers. 

None of the telecom operators immediately notified their customers that their data has been compromised. This could be because  the companies are unaware of the breach, the data is actually old or that they have deliberately chosen to keep their customers in the dark.

Rewertz researchers suggest that Pakistani organisations with outdated cyber security infrastructure have become an easy target of these actors and that some of the data may date from 2014.

Financially motivated threat actors are active in Pakistan and organisations with outdated cyber security infrastructure have become an easy target and if the data leak is new, it will raise serious questions on the protocols telecom companies are following regarding data security and privacy.

Rewterz:      ProPakistani:       Global Village:     TechJuice:        BusinessRecorder:

You Might Also Read:

35 Million 2018 US Voter Records For Sale:

 

 

 

 

« Big Tech Benefits From COVID-19
Pandemic: 'Normal' Crime Drops While Cyber Crime Jumps »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Code42

Code42

Code42 CrashPlan, is an enterprise SaaS solution that backs up all distributed end-user data on a single, secure platform.

Paramount Computer Systems

Paramount Computer Systems

Paramount is a regional leader in the Middle East for cybersecurity solutions and consulting services.

Performanta

Performanta

Performanta offer a consultative approach to people, process and technology, focusing on security projects in line with adversarial, accidental and environmental business risk.

ITonlinelearning

ITonlinelearning

ITonlinelearning specialises in providing professional certification courses to help aspiring and seasoned IT professionals develop their careers.

GLESEC

GLESEC

GLESEC offer a complete range of Cyber Security services from Operations & Intelligence Services to Auditing & Compliance and Simulation and Training.

Corsha

Corsha

Corsha is on a mission to simplify API security and allow enterprises to embrace modernization, complex deployments, and hybrid environments with confidence.

MOXFIVE

MOXFIVE

MOXFIVE is a specialized technical advisory firm founded to bring clarity to the complexity of cyber attacks.

Infinidat

Infinidat

Infinidat delivers enterprise-proven solutions for data storage, data protection, business continuity, and sovereign cloud storage.

Binarly

Binarly

Binarly has developed an AI-powered platform to protect devices against emerging firmware threats.

Xceptional

Xceptional

Xceptional is a multi-award-winning technology services firm that celebrates the unique strengths of people with autism.

CSIR Information & Cybersecurity Research Centre

CSIR Information & Cybersecurity Research Centre

The CSIR Information & Cybersecurity Research Centre focuses on research, development, and innovation of home-grown cyber and information security.

Quarkslab

Quarkslab

Quarkslab is a dedicated team of cyber-security engineers and developers. We aim at forcing the attackers, not the defender, to adapt constantly.

Certcube Labs

Certcube Labs

Certcube Labs provide a broad range of services in the areas of Assessments, Development, Risk Advisory, Blockchain, Forensics Investigations, Managed Security Solutions, and IT Security Trainings.

Barrier Networks

Barrier Networks

Barrier Networks are a Cyber Security Managed Service Provider that specialises in Network and Application security.

Nagomi Security

Nagomi Security

Nagomi is changing the way security teams balance risk and defense, empowering customers to focus on what matters now.

ClearFocus Technologies

ClearFocus Technologies

ClearFocus Technologies provides advanced cybersecurity services that secure our nation’s most sensitive assets.