How depressing it can get if you come to know that your mobile phone number, home address, CNIC number and various other sensitive and private information is being sold online for just few pennies?
Yes, its not only depressing but utterly shocking to know the fact that there are few individuals who have compiled the data of millions of Pakistani mobile phone users and they are freely selling this database in the open over internet.
Each record in the leaked database includes individual name, CNIC, mobile phone number, home address, etc.
Available for just few thousand rupees, you just have to input the mobile phone number to get the entire details of any individual.
We are yet to ascertain the source of this leaked data or the organization that was responsible for the leak, but it in the hands of those hackers now who would re-sell this information for mere few thousands.
We are also not aware of the number of individuals who are enlisted in this database, but sellers claim that millions of Pakistani records are saved in the database.
Just if you are curious, individuals’ data can be retrieved by inputting mobile number, CNIC or address.
Here’s sneak preview of the details of Mr. Saad Rafique, a renowned politician, whose record was available in the leaked database:
Mujahid Sheroze, who is directly aware of the individuals selling this database online — and who tipped us with the information — has committed to help law-enforcement agencies to get the culprits behind the bars.
Mujahid said that he’s willing to help LEAs in any capacity to make sure that such sensitive data is not only secured, but those who are selling it are made an example for any future outlawry.
We have repeatedly emphasized about web security and the need for hardening our private and government sector web-servers. This data leak is apparently the result of a poor security, be it the web security or other data security measures that our organizations employ to protect data.
We assume that this will get only more serious with time — just imagine if banking records are made online someday — and we have to start taking our data security more seriously before our next nightmare is realized in-front of our eyes.