Hackers Are Openly Selling Pakistani Mobile Phone Users’ Data on Internet

How depressing it can get if you come to know that your mobile phone number, home address, CNIC number and various other sensitive and private information is being sold online for just few pennies?

Yes, its not only depressing but utterly shocking to know the fact that there are few individuals who have compiled the data of millions of Pakistani mobile phone users and they are freely selling this database in the open over internet.

Each record in the leaked database includes individual name, CNIC, mobile phone number, home address, etc.

Available for just few thousand rupees, you just have to input the mobile phone number to get the entire details of any individual.

We are yet to ascertain the source of this leaked data or the organization that was responsible for the leak, but it in the hands of those hackers now who would re-sell this information for mere few thousands.

We are also not aware of the number of individuals who are enlisted in this database, but sellers claim that millions of Pakistani records are saved in the database.

Just if you are curious, individuals’ data can be retrieved by inputting mobile number, CNIC or address.

Here’s sneak preview of the details of Mr. Saad Rafique, a renowned politician, whose record was available in the leaked database:

Saad_Rafique

Mujahid Sheroze, who is directly aware of the individuals selling this database online — and who tipped us with the information — has committed to help law-enforcement agencies to get the culprits behind the bars.

Mujahid said that he’s willing to help LEAs in any capacity to make sure that such sensitive data is not only secured, but those who are selling it are made an example for any future outlawry.

We have repeatedly emphasized about web security and the need for hardening our private and government sector web-servers. This data leak is apparently the result of a poor security, be it the web security or other data security measures that our organizations employ to protect data.

We assume that this will get only more serious with time — just imagine if banking records are made online someday — and we have to start taking our data security more seriously before our next nightmare is realized in-front of our eyes.

Tech reporter with over 10 years of experience, founder of ProPakistani.PK


    • Dear, don’t take it seriously but think for a moment. If the number of any of your female family member (sis,wife,daughter,cousin etc.) gets leaked and some stalker gets hold of the information, would it not be a concern for you and a point to worry about ?

      • You are not safe in Pakistan also, jab yahan kisi jaan ki qadar nahen hai to information leak honay ya na honay se kia farq parta hai.. :-)

      • I could realize this threat years back when i was in telenor and all family numbers are registetd with me and other male members…;) be smart. Be safe

  • Sirf warid ka data available ha (as far as i know) wo bhe 2007 sy pehlay ka. ap google kr lo easily mil jae ga aur kisi company ka nhe ha aur na he warid ka latest data available ha. obviously warid/call center employee responsible

  • Old news I think, this was reported to PTA back in August by all operators from what I know and was taken care of. Even if this particular guy has data, it must be old data that was already available.

    • yes of course we’re paying tax, wo be rana sana jese ghundo ki jaibein bharne kr liye aur awam ko us khanzeer k ghundo se qatl krwane k liye

  • To be honest .. it is just a matter of few seconds to extract this information … thousands of pakistani websites are vulnerable to hacking .. moreover these websites hold such data … the real culprits are those who collect data and do not save guard it ..

  • It is being sold since past few years, the problem is that GSM networks have kept all the data on internet facing websites and worst unencrypted. We all have been aware of all of these websites being vulnerable to SQL injection in past and ofcourse which allowed attackers to keep backdoor access on the webserver and hence getting hold of the latest updated dump. The same has been the case with ptcl, suprememe court and other government websites.

    You know what would happen next, Law enforcement agencies would arrest people who downloaded the data from the internet and were not the cause of the leak. Instead Government should focus on securing the data present in cloud.

  • This database is circulating in Online Black market since 2013 , This Database contains numbers which are registered before June 2012…

  • Bhaio jab NADRA ka data ek cd mein Rs. 250 mein karachi ki markets mein sale ho raha ho jo kisi bhi nation ka sab se ziada secret data hota he to phir ye mobile database se kia farq parta he???? Rs 25,000 mein pak ki nationality sale ho rahi he. problem ye he keh hamare logon mein ehsaas mar gia he or yehi ehsaas apko haram or halal mein farq kerwata he. yar olx per ad aey hotey hen keh kisi bhi company k number ki details sirf kuch paison mein hasil karein. esa sensitive data company employee khud leak kerte hen or market mein sell out kerte hen. kia kisi pakistani security agency ne is per koi step lia he???? esa america mein hoa hota to ab tak FBI ne uthal pathal macha deni thi hamari FIA illegal gateway pakarne mein lagi he or maaon behnon k data ki bolee lagi hoi he. EHSAAS mar gia he :'(

  • Don’t worry brethren. Our country has everything on sale. If the cellular companies can sell preactivated sims, data can also be.

  • Shame!

    Its time consider the development of some policies and procedures regarding cyber crime. Awareness also need to be spread to the nation, so people like “Sanu ki” can have an idea about its impacts and implications.

    Privacy of data is so much important. Just due to leak of mobile numbers we receive lot of spams in a day. God forbids what they can do with other information like CNIC and addresses.

  • یہ خاصی پرانی بات ہوگئی ہے اب تو۔ میں نے ماہنامہ کمپیوٹنگ کے دسمبر ۲۰۱۳ء کے شمارے میں اس حوالے سے اداریہ لکھا تھا۔ یہی نہیں بلکہ ایف آئی اے سائبر کرائم سیل کو بھی اس کی اطلاع دی گئی تھی۔ لیکن انہوں نے کاروائی کرنے کے بجائے ہمارا ہی بندہ حاضری کے لئے بلا لیا۔ اداریہ اس ربط پر دیکھا جاسکتا ہے:
    http://tinypic.com/view.php?pic=j0zced&s=8

  • To help out LEAs we all should mention here email addresses, websites, phone numbers, advertisements, shops etc who sell mobile subscribers or NADRA data. Talking in general will not help much.


  • >