Personal Data Of 115m Pakistanis For Sale

Uploaded on 2020-04-17 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Leading Pakistani cyber security company Rewterz has discovered a massive data dump containing information of 115 million Pakistani mobile phone users that is now for sale on the dark web.The cyber-criminal, who is a VIP member of the dark web forum where the advertisement has been placed, has set the asking price for this data dump at 300 Bitcoins equivalent to around $2.1 million. 

Rewterz’s Threat Intelligence team has analysed some of the samples from the telecom database up for sale and the data includes personal information of the users such as names, contact numbers, residential addresses, National Identity Card numbers and Tax Code Identity Numbers. ​

With a total popultaion of 220 million, the stolen data equates to the contact information for every adult in the nation.

The firm added that the cyber-criminal offering the data dump for sale is a VIP member of the dark web forum where the ad has been posted. “Database is freshly hacked this week. That data was still being updated as I took the data down. Beautifully organised in a CSV with headers for your pleasure." the dark wed advertisement states.

Rewertz think that this data could be an outcome of multiple breaches or of a single breach of one or more mobile operators, although the given the sheer number of users suggests it is likely to be from more than one of the major service providers. 

None of the telecom operators immediately notified their customers that their data has been compromised. This could be because  the companies are unaware of the breach, the data is actually old or that they have deliberately chosen to keep their customers in the dark.

Rewertz researchers suggest that Pakistani organisations with outdated cyber security infrastructure have become an easy target of these actors and that some of the data may date from 2014.

Financially motivated threat actors are active in Pakistan and organisations with outdated cyber security infrastructure have become an easy target and if the data leak is new, it will raise serious questions on the protocols telecom companies are following regarding data security and privacy.

Rewterz:      ProPakistani:       Global Village:     TechJuice:        BusinessRecorder:

You Might Also Read:

35 Million 2018 US Voter Records For Sale:

 

 

 

 

« Big Tech Benefits From COVID-19
Pandemic: 'Normal' Crime Drops While Cyber Crime Jumps »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cynet

Cynet

Cynet simplifies security by providing a rapidly deployed, comprehensive platform for detection, prevention and automated response to advanced threats with near-zero false positives.

Red Hat

Red Hat

Red Hat is a leader in open source software development. Our software security team proactively identifies weaknesses before they become problems.

CERT-FR

CERT-FR

CERT-FR is the French national government computer security incident response team.

Agenci

Agenci

Agenci are specialists in cyber security and information security and deliver ISO 27001 Certification.

IT2Trust

IT2Trust

IT2Trust is one of Scandinavia’s leading value-added distributors of business-critical IT solutions within IT security and networking.

Luxembourg Institute of Science & Technology (LIST)

Luxembourg Institute of Science & Technology (LIST)

LIST is a mission-driven Research and Technology Organisation. Areas of research include IT and aspects of IT security.

Secardeo

Secardeo

Secardeo is a provider of corporate solutions using digital signatures and certificates. Our solutions enable the user transparent end-to-end encryption of e-mails between organizations.

MER Group

MER Group

MER Group is a world-leading integrator in the areas of communications and security. MER cyber solutions cover the entire range of cyber and intelligence related products and services.

Newtech Recycyling

Newtech Recycyling

Newtech Recycyling specializes in the removal and disposal of IT infrastructure which has reached the end of its life cycle.

CHEQ

CHEQ

CHEQ provides fully autonomous, preemptive technology for brand safety and ad-fraud prevention.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Axitea

Axitea

Axitea designs, implements and develops the solutions best suited to its customers’ needs and their physical and cyber security requirements.

Wabbi

Wabbi

Wabbi’s continuous security platform centralizes, automates and orchestrates security governance and vulnerability management to empower development teams to own appsec.

Avint

Avint

Avint delivers transformational cybersecurity solutions that help both commercial and government entities achieve mission success.

Queen Consulting & Technologies

Queen Consulting & Technologies

Queen Consulting & Technologies specialize in providing IT support, management, and Security to Gov’t Contractors, CPAs, and Nonprofits.

DeepTempo

DeepTempo

At DeepTempo, we build AI models and related software that protect enterprises and service providers from sophisticated cyber threats.