Tuesday, February 7, 2023
Digital Rights Monitor
  • DRM Exclusive
    • News
    • Court Updates
    • Features
    • Opinion
    • Campaigns
      • #PrivacyHumSabKe
    • Vodcasts
  • In Media
    • News
    • OP-EDs
  • Editorial
  • Gender & Tech
    • SheConnects
  • Trends Monitor
  • Infographics
  • Resources
    • Laws and Policies
    • Research
    • International Frameworks
  • DRM Advocacy
    • Exclusives
    • Featured
    • Publications
    • Statements
No Result
View All Result
Digital Rights Monitor
  • DRM Exclusive
    • News
    • Court Updates
    • Features
    • Opinion
    • Campaigns
      • #PrivacyHumSabKe
    • Vodcasts
  • In Media
    • News
    • OP-EDs
  • Editorial
  • Gender & Tech
    • SheConnects
  • Trends Monitor
  • Infographics
  • Resources
    • Laws and Policies
    • Research
    • International Frameworks
  • DRM Advocacy
    • Exclusives
    • Featured
    • Publications
    • Statements
No Result
View All Result
Digital Rights Monitor
No Result
View All Result

in DRM Exclusive, News

Sensitive data of over 100m Pakistanis breached; interior ministry, NADRA deny responsibility

Abad MansouribyAbad Mansouri
December 30, 2020

Photo by Mika Baumeister on Unsplash

Pakistan’s Ministry of Interior, as well as the National Database and Registration Authority (NADRA), have both refused to take responsibility of an allegedly major data leakage comprising personal and possibly sensitive information of more than 100 million mobile users, causing uproar among members of the civil society and raising concerns about digital security.

According to a letter dated December 1 from the interior ministry to Sindh High Court (SHC) Assistant Attorney General Hussain Bohra, an inquiry board probing the alleged data leak conducted a “detailed forensic analysis” using the services of cybersecurity firm Rewterz and found that “there was no data leakage on the part of NADRA”.

The data in question “is related to Pakistan Mobile Users and not of NADRA”, the board stated, adding that it did “not correlate with the NADRA database, proving that the data is not from NADRA database”. The body directed the SHC to contact the Ministry of Information Technology and Telecommunication (MoITT), which it said “would further be in a better position to submit relevant details”.

The issue of the damning data leakage was also raised on social media by journalist Haider Kaleem, who termed it, “strange [given] how there’s complete silence over the theft of 11 million Pakistani citizens’ sensitive data”. 

Kaleem regretted that “nobody is ready to take responsibility”.

Strange how there’s complete silence over the theft of 11 million Pakistani citizens’ sensitive data. What’s the point of cyber crime laws and pending data protection draft bill when whoever sold this data gets away with it. Nobody is ready to take responsibility. What a shame! pic.twitter.com/uxVlgVaRR1

— Haider Kaleem (@HaiderKaleemB) December 28, 2020

Dawn reported that Advocate Tariq Mansoor, the individual who had filed a petition “in the larger public interest and public importance”, had told the court in the last hearing the data leak was allegedly by telecommunication service providers and had been uploaded to the so-called dark net by cybercriminals demanding 300 bitcoins (BTC) – approximately over Rs. 1.35 billion – for its sale. It comprised “full names, complete addresses, and CNICs of cellular users”, the publication added.

“It is very relevant here that especially during the lockdown because of COVID-19 pandemic in Pakistan, majority of citizens have been using online, and are using cell phones” to register themselves for the PTI regime’s flagship Ehsaas Programme and Prime Minister Imran Khan’s coronavirus Tiger Force, Mansoor said in his petition, a copy of which is available with the Digital Rights Monitor.

He also highlighted in his petition “a secret ‘Special Advisory’ circular/letter titled ‘Special Advisory Exploitation of WhatsApp by NSO Group” reportedly issued by IT & Telecommunication secretary and shared with the official’s other federal counterparts, showing “the severity and the possible linkage of the instant subject matter”.

The Federal Investigation Agency (FIA) had already been directed by the chairperson of the Senate Standing Committee on Interior, Senator Rehman Malik, to investigate and submit a report on the matter, he added.

The advocate, however, underscored that due to a lack of proper intimation by the PTI-led government, that report in question may not be made public. Regardless, he appealed for the SHC to form a high-powered commission to probe the matter under the applicable laws, including the controversial Prevention of Electronic Crimes Act (PECA), 2017, and the Official Secrets Act.

It is noteworthy that back in 2018, the credit and debit card details of more than 19,000 users from almost a dozen Pakistani banks were stolen by hackers based abroad in “the biggest of its kind” cyber-security breach to be sold on dark web forums. Following the State Bank of Pakistan’s (SBP) security advice, several commercial banks had consequently blocked international transactions.

According to Geo TV, the FIA’s chief for digital crimes had said at the time “almost all major Pakistani banks” were affected. Global cyber security firm Group-IB had said the data was being sold on “Jokerstash — a virtual Darkweb hub of stolen card data used by hackers as a distribution point for compromised accounts”, with the debit and credit card information on sale “for prices ranging from $100 to $135 each”.

In an interview with Dawn News TV, FIA Cybercrimes Director Capt (r) Mohammad Shoaib had admitted to the hackers having “stolen large amounts of money from people’s accounts” and acknowledged a “need for improvement in the security system of our banks”. However, he had stressed that the cyber-crime body was “trying to play a proactive role in preventing bank pilferage”.

(BTC1 = Rs4,491,101.74)

Featured Image by Mika Baumeister on Unsplash

Tags: #PrivacyHumSabKecybercrimedata leakData protectionNADRAPakistanprivacySHCSindh High Court
Previous Post

WhatsApp Introduces a Carts Feature to Facilitate Online Shopping; What Does This Mean for Pakistan?

Next Post

TV remains primary source of information on COVID19 in Pakistan; social media distrusted by many: study finds.

Share on FacebookShare on Twitter
PEMRA Warns TV Channels Against Airing ‘Anti-State’ Content

PEMRA prohibits TV channels from covering F-9 Park rape case

February 7, 2023
PTA lifts ban on Wikipedia

PTA lifts ban on Wikipedia

February 7, 2023
PTA degrades Wikipedia services over ‘sacrilegious content’

Joint statement condemns Wikipedia ban in Pakistan

February 6, 2023
No Content Available

Next Post

TV remains primary source of information on COVID19 in Pakistan; social media distrusted by many: study finds.

About Digital Rights Monitor

This website reports on digital rights and internet governance issues in Pakistan and collates related resources and publications. The site is a part of Media Matters for Democracy’s Report Digital Rights initiative that aims to improve reporting on digital rights issues through engagement with media outlets and journalists.

About Media Matters for Democracy

Media Matters for Democracy is a Pakistan based not-for-profit geared towards independent journalism and media and digital rights advocacy. Founded by a group of journalists, MMfD works for innovation in media and journalism through the use of technology, research, and advocacy on media and internet related issues. MMfD works to ensure that expression and information rights and freedoms are protected in Pakistan.

Follow Us on Twitter

No Result
View All Result
  • DRM Exclusive
    • News
    • Court Updates
    • Features
    • Opinion
    • Campaigns
      • #PrivacyHumSabKe
    • Vodcasts
  • In Media
    • News
    • OP-EDs
  • Editorial
  • Gender & Tech
    • SheConnects
  • Trends Monitor
  • Infographics
  • Resources
    • Laws and Policies
    • Research
    • International Frameworks
  • DRM Advocacy
    • Exclusives
    • Featured
    • Publications
    • Statements

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist