Thousands of Pakistanis, including senior government officials and federal ministers, are reportedly caught up in an ongoing breach of personal data that has been placed on sale across multiple websites. According to Express News, the exposed information includes mobile SIM registration records, call logs, addresses, scanned copies of national identity cards, and international travel details. The wide-ranging scope of the data leak has drawn concern not only because of the number of civilians affected, but also because high-ranking government representatives and officials are among the victims.
The report states that sensitive personal details are being openly marketed at low prices, making them accessible to virtually anyone. Mobile location records can reportedly be purchased for Rs500, full mobile data histories for Rs2,000, and travel records for Rs5,000. Intelligence officials have raised alarms that such information could be misused by malicious actors to track individuals, commit fraud, or conduct targeted harassment at a minimal cost. The availability of such detailed personal records poses a major risk of identity theft, blackmail, and unauthorized surveillance. Despite repeated warnings, the trade continues largely unchecked, with dozens of websites and forums still advertising the sale of data.
This is not the first time that Pakistan has faced concerns about large-scale data leaks. In October of last year, Express News had issued a similar warning, cautioning that personal data of citizens was being circulated online. While assurances were made at the time that offending websites would be taken down and stronger enforcement measures would follow, the continuation of the breach highlights a lack of effective action. Agencies including PTA and the National Cyber Crime Investigation Agency (NCCIA) were criticized for not addressing the problem at its source, leaving gaps that have now been exploited once again.
Interior Minister Mohsin Naqvi has now directed NCCIA to launch a formal probe into the matter, taking notice of the growing public concern. A special 14-member task force has been assembled to investigate how the breach occurred, identify the individuals or groups involved, and recommend legal proceedings. The panel has been instructed to submit its findings within two weeks. In the meantime, questions continue to circulate over how such extensive data could have been accessed and why corrective measures were not implemented earlier despite repeated reports of vulnerabilities.
Civil society voices have joined the debate, demanding accountability from both public and private entities responsible for safeguarding personal information. Citizens have asked for clarity on the chain of responsibility: whether the leak originated from weak institutional controls, insider involvement, or broader cybersecurity lapses. With the growing frequency of such incidents, there is increasing pressure on authorities to strengthen Pakistan’s data protection framework and provide reassurances to citizens that their information will not be exploited. The probe initiated by NCCIA is seen as a critical test of the government’s ability to enforce accountability and improve cybersecurity safeguards before public trust erodes further.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
