A Pakistani cybersecurity company has come across a data dump containing information of 115 million Pakistani mobile phone users currently up for sale on the dark web.
The cybercriminal, who is a VIP member of the dark web forum where the advertisement has been placed, has set the asking price for this data dump at 300 Bitcoins (BTC) or $2.1 million.
According to the advertisement description, the telecom database was hacked this week.
Database is freshly hacked this week. That data was still being updated as I took the data down. Beautifully organized in a CSV with headers for your pleasure.
Rewterz’s Threat Intelligence team has analyzed some of the samples from the telecom database up for sale on the notorious dark web. The data includes personal information of the users such as names, contact numbers, residential addresses, CNIC numbers, and NTN numbers.
The Threat Intelligence team has noted that financially motivated threat actors are active in Pakistan and organizations with outdated cybersecurity infrastructure have become an easy target of these actors.
The team further notes that it is unclear for now whether only single or more telecom companies have fallen victim to the cybercriminals. It cannot be said with certainty as well whether this data has been stolen as a result of a single breach or multiple breaches over time.
According to the given sample’s visible results, the latest data is from 2014 and none of the latest number schemes (0317, 0308 etc.) are mentioned. It is entirely possible that the data is old and the claim is false.
That said, none of the telecom operators have notified their customers that their data has been compromised. It could be because either the companies are unaware of the breach, the data is actually old or they have deliberately chosen to keep their customers in the dark.
If the data leak is new it will rais serious questions on the protocols telecom companies are following regarding data security and privacy.