A major data breach in Pakistan exposed the personal information of thousands of individuals, including federal ministers, senior government officials, and mobile SIM owners. The compromised data sold online at minimal cost includes addresses, call logs, copies of national identity cards, and international travel records. The leak spans multiple government tiers, from the PTA to cabinet-level officials. Intelligence sources warn the data could be weaponized by malicious actors for targeted attacks with ease. Despite claims of takedowns by the PTA and the National Cyber Crime Investigation Agency (NCCIA), enforcement efforts face criticism for ineffectiveness. A 14-member task force has been formed to investigate, with findings expected within two weeks. The breach coincides with a corruption scandal in Pakistan’s biometric safety net program (BISP), where 324 officials siphoned ~$130,000 via fraudulent biometric verifications, including payments to fake or deceased accounts.
TPRM report: https://www.rankiteo.com/company/ptaofficialpk
"id": "pta4603146090925",
"linkid": "ptaofficialpk",
"type": "Breach",
"date": "9/2025",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'customers_affected': 'thousands (including federal '
'ministers and senior officials)',
'industry': 'telecommunications',
'location': 'Pakistan',
'name': 'Pakistan Telecommunication Authority (PTA)',
'type': 'government agency'},
{'industry': 'cybersecurity',
'location': 'Pakistan',
'name': 'National Cyber Crime Investigation Agency '
'(NCCIA)',
'type': 'law enforcement'},
{'customers_affected': 'nearly a quarter of Pakistan’s '
'citizens (indirectly affected '
'by corruption scandal)',
'industry': 'social welfare',
'location': 'Pakistan',
'name': 'Benazir Income Support Program (BISP)',
'type': 'government program'}],
'data_breach': {'data_exfiltration': 'yes (data sold on online platforms)',
'file_types_exposed': ['digital copies of ID cards',
'call detail records (CDRs)',
'travel history documents'],
'number_of_records_exposed': 'thousands (including '
'high-profile individuals)',
'personally_identifiable_information': ['names',
'addresses',
'national ID numbers',
'mobile numbers',
'call logs',
'travel histories'],
'sensitivity_of_data': "high (includes government officials' "
'data)',
'type_of_data_compromised': ['personally identifiable '
'information (PII)',
'mobile SIM data',
'call logs',
'national identity card copies',
'travel records']},
'description': 'A major data breach in Pakistan has exposed the personal '
'information of thousands of individuals, including federal '
'ministers and senior government officials. The compromised '
'data including addresses of mobile SIM owners, call logs, '
'copies of national identity cards, and international travel '
'records is being sold online across dozens of platforms. The '
'breach spans multiple tiers of government, from the Pakistan '
'Telecommunication Authority (PTA) to cabinet-level officials. '
'Authorities like the PTA and the National Cyber Crime '
'Investigation Agency (NCCIA) have faced criticism for their '
'limited public response, despite claims that offending '
'websites were taken down. A 14-member task force has been '
'formed to investigate the breach, with findings expected '
'within two weeks. The incident coincides with a corruption '
'scandal in Pakistan’s Benazir Income Support Program (BISP), '
'where 324 officials were implicated in siphoning over 37 '
'million Pakistani rupees (~$130,000) through fraudulent '
'biometric verification processes.',
'impact': {'brand_reputation_impact': ['public distrust in government '
'agencies',
'criticism of PTA and NCCIA response'],
'data_compromised': ['mobile SIM owner addresses',
'call logs',
'national identity card copies',
'international travel records',
'mobile location data',
'detailed call records',
'travel histories'],
'identity_theft_risk': 'high',
'legal_liabilities': ['potential legal action against 324 BISP '
'officials for corruption',
'investigation by 14-member task force']},
'initial_access_broker': {'data_sold_on_dark_web': 'yes (on multiple online '
'platforms)',
'high_value_targets': ['federal ministers',
'senior government officials',
'PTA employees']},
'investigation_status': 'ongoing (14-member task force investigating, '
'findings expected in two weeks)',
'motivation': ['financial gain', 'espionage', 'fraud'],
'references': [{'source': 'The Express News / The Express Tribune'},
{'source': 'World Bank Evaluation Report (BISP)'}],
'regulatory_compliance': {'legal_actions': ['investigation into 324 BISP '
'officials for corruption',
'potential legal action against '
'data breach perpetrators']},
'response': {'communication_strategy': ['limited public response from PTA and '
'NCCIA',
'Interior Minister Mohsin Naqvi '
'ordered investigation'],
'containment_measures': ['takedown of offending websites '
'(claimed)'],
'incident_response_plan_activated': 'yes (14-member task force '
'formed)',
'law_enforcement_notified': 'yes (NCCIA leading investigation)'},
'title': 'Major Data Breach in Pakistan Exposes Personal Information of '
'Government Officials and Citizens',
'type': ['data breach', 'identity theft', 'corruption scandal']}