115 Million Pakistani Mobile Users Data Go on Sale on Dark Web, claims cybersec company

Rewterz, a pioneer of specialized cybersecurity services in Pakistan, claims to have discovered a data dump of 115 million Pakistani mobile users’ data that has shown up for sale on the dark web today. The cybercriminal behind this data breach is apparently demanding 300 BTC ($2.1 million USD) for the data.

This indicates that financially motivated threat actors are active in Pakistan and organizations are becoming a victim of these cyber attacks.

Rewterz Threat Intelligence team claims to have analyzed the samples of the data dump that has been released on a popular dark web forum. The stolen data includes users’ personal details, such as full name, complete address, their mobile numbers as well as their NIC number and Tax Number.

The cybercriminal offering the data dump for sale is a VIP member of the dark web forum where the ad has been posted. “Database is fresh hacked this week. That data was still being updated as I took the data down. Beautifully organized in a csv with headers for your pleasure.” data sale ad states.

Rewterz Threat Intelligence experts believe that the scale of this breach raises questions about the data security and privacy of telecom companies. This data can be an outcome of multiple breaches or a single breach, it’s too early to say at the moment. It is also unclear if any specific telecom operator or all telecom operators in Pakistan fell a victim of this attack. Nonetheless, if a breach had happened it should have been disclosed for customer’s knowledge. It might be possible that these telecoms companies failed to disclose the breach because they aren’t aware of the hack or have intentionally opted not to reveal. It’s concerning for customers whose information has been published.

As per their blog post, Rewterz Threat Intelligence team closely monitors deep & dark web forums, marketplaces & shops and will publish any additional information as soon as it becomes available.

It is pertinent to add that that this news, regardless of its implications, should be taken with a grain of salt until further evidence starts pouring in. After all, it is merely a claim made by a Pakistani cybersecurity company. There are quite a few points that have left us scratching our heads, including why the criminal’s identity hasn’t been disclosed or why there is no apparent time of posting.

Therefore, TechJuice will be verifying these claims independently.