Personal Data Of 115m Pakistanis For Sale

Uploaded on 2020-04-17 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Leading Pakistani cyber security company Rewterz has discovered a massive data dump containing information of 115 million Pakistani mobile phone users that is now for sale on the dark web.The cyber-criminal, who is a VIP member of the dark web forum where the advertisement has been placed, has set the asking price for this data dump at 300 Bitcoins equivalent to around $2.1 million. 

Rewterz’s Threat Intelligence team has analysed some of the samples from the telecom database up for sale and the data includes personal information of the users such as names, contact numbers, residential addresses, National Identity Card numbers and Tax Code Identity Numbers. ​

With a total popultaion of 220 million, the stolen data equates to the contact information for every adult in the nation.

The firm added that the cyber-criminal offering the data dump for sale is a VIP member of the dark web forum where the ad has been posted. “Database is freshly hacked this week. That data was still being updated as I took the data down. Beautifully organised in a CSV with headers for your pleasure." the dark wed advertisement states.

Rewertz think that this data could be an outcome of multiple breaches or of a single breach of one or more mobile operators, although the given the sheer number of users suggests it is likely to be from more than one of the major service providers. 

None of the telecom operators immediately notified their customers that their data has been compromised. This could be because  the companies are unaware of the breach, the data is actually old or that they have deliberately chosen to keep their customers in the dark.

Rewertz researchers suggest that Pakistani organisations with outdated cyber security infrastructure have become an easy target of these actors and that some of the data may date from 2014.

Financially motivated threat actors are active in Pakistan and organisations with outdated cyber security infrastructure have become an easy target and if the data leak is new, it will raise serious questions on the protocols telecom companies are following regarding data security and privacy.

Rewterz:      ProPakistani:       Global Village:     TechJuice:        BusinessRecorder:

You Might Also Read:

35 Million 2018 US Voter Records For Sale:

 

 

 

 

« Big Tech Benefits From COVID-19
Pandemic: 'Normal' Crime Drops While Cyber Crime Jumps »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO CCDCOE's mission is to enhance the capability, cooperation and information sharing among NATO, NATO nations and partners in cyber defence.

Bloombase

Bloombase

Bloombase is the leading innovator in Next-Generation Data Security solutions for Global 2000-scale organizations

CANVAS Consortium

CANVAS Consortium

The CANVAS Consortium aims to unify technology developers with legal and ethical scholar and social scientists to approach the challenges of cybersecurity.

Templar Executives

Templar Executives

Templar Executives is a leading, expert and dynamic Cyber Security company trusted by Governments and multi-national organisations to deliver business transformation.

i-Sprint Innovations

i-Sprint Innovations

i-Sprint is a leader in Securing Identity and Transactions in the Cyber World for industries that are security sensitive.

IoT M2M Council (IMC)

IoT M2M Council (IMC)

The IMC is the largest and fastest-growing trade organisation in the IoT/M2M sector.

Jandnet Recruitment

Jandnet Recruitment

Jandnet Recruitment is a small specialist company working in the IT sector. We recruit across all IT disciplines including cyber security and digital identity.

Digital Identification & Authentication Council of Canada (DIACC)

Digital Identification & Authentication Council of Canada (DIACC)

DIACC is a non-profit coalition of public and private sector leaders committed to developing a Canadian framework for digital identification and authentication.

Cirosec

Cirosec

Cirosec is a specialized company with a focus on information security. We carry out pentests & audits and advise our customers in the German-speaking countries on information and IT security issues.

Hyperproof

Hyperproof

Hyperproof is a cloud-based compliance operations software. Launch new programs immediately, collect evidence automatically, and manage a compliance program intelligently.

Senteon

Senteon

Senteon is a turnkey cybersecurity platform designed to make securing confidential data affordable, understandable, and streamlined for small-to-mid sized businesses and MSPs.

MyCISO

MyCISO

MyCISO is the World’s first SaaS application that will vastly simplify security management for all.

Brightworks Group

Brightworks Group

BrightWorks Group offer comprehensive technology operations and security operations consulting services, tailored to meet your specific needs.

WireGuard

WireGuard

WireGuard is a communication protocol and free and open-source software that implements encrypted virtual private networks (VPNs).

JustunSecure

JustunSecure

JustunSecure is dedicated to promoting information technology and cybersecurity in Africa.

Cyber Security Unity (CSU)

Cyber Security Unity (CSU)

Cyber Security Unity (formerly the UK Cyber Security Association) is a new global community which has been set up to help unite the industry and combat the growing cyber threat.