SECP Fixes Massive Data Leak of Sensitive Information of Registered Companies

Security and Exchange Commission of Pakistan, better known as SECP, is a regulatory agency that develops and regulates the corporate sector and its securities in Pakistan. The agency holds public and private information on a company’s directors and the financials of all of the companies registered in Pakistan. Parts of such data were recently exposed on the internet.

The leaked information from SECP included private details about companies and their CEOs, such as the CEO’s full name, CNIC number, father’s name, phone number, home address, and more. What’s alarming is that the leaked information was easily accessible to everyone and it was as easy as sharing a link online.

The image below is a screenshot taken from the leaked link. It has been censored for security purposes and ProPakistani will not be sharing any details here.

After a timely warning from ProPakistani, SECP has now removed all the private information that was publicly available on the leaked link. Accessing the link still takes you to the company’s WordPress backend, but it does not show any private information anymore.

The development was also confirmed by SECP’s spokesperson.

Data leaks are starting to become more and more abundant in Pakistan as well as other countries around the globe. Pakistan’s Finance Ministry has had its data leaked time and time again, which revealed highly sensitive state secrets. It happened last time in March and in November 2021 before that.

Not just that, but the Federal Board of Revenue also had its data breached back in August last year. Clearly, the widespread issue needs to be addressed and we hope to see better security measures going forward.