Sensitive documents of the Khyber Pakhtunkhwa (KP) Police department have reportedly been compromised by an international hacker group.
The hackers have reportedly put more than 1,400 official documents up for sale, and a preview shows that the documents have been categorized according to gender, districts, police stations, crimes, etc.
ProPakistani tried to contact the spokespersons for the KP Police and provincial government several times but was unable to get an official word on the matter by the time this story was filed.
Rawalpindi-based strategic analyst Zaki Khalid said that “the hacker is based overseas and regularly sells hacked databases of different targets in multiple countries. In this case, he was first observed sharing login credentials for the KP Police access panel in August 2021. It is only recently that he announced compilation and sharing of acquired documents.”
The hacker is active on Telegram and is presently open for bidding to sell the data. Zaki believes that this breach was not too sophisticated and could have been avoided by adopting basic cyber security protocols.
This is the second high-profile incident involving a data breach of a government institution this week. Official emails of senior officers of the Ministry of Finance were also compromised in a cyber security breach on Monday.
Official communication comprising of more than 2,500 of the ministry’s emails regarding the International Monetary Fund (IMF), the Financial Action Task Force (FATF), the China-Pakistan Economic Corridor (CPEC), the Asian Development Bank (ADB), the World Bank, Fitch Ratings, Credit Suisse, and hundreds of other national and international financial institutions was hacked.
The National Telecommunication and Information Security Board (NTISB), which is the apex government agency that provides IT support to government organizations, regularly issues advisories to government institutions to ensure they keep their antivirus software and other security protocols updated.
However, it seems that the NTISB’s warnings are not being taken seriously by the government organizations, which allows hackers to steal official data frequently with relative ease.
It is now crucial to establish a national authority that can manage and secure the country’s official cyberspace, and the concerned top-level authorities must investigate why the NTISB’s guidelines are being disregarded.