ISLAMABAD: Pakistan Telecommunication Authority (PTA) said on Sunday it was investigating the authenticity of a report that has claimed the personal information of millions of Pakistani mobile users was being sold online.
On Friday, Dubai based information security company Rewterz claimed the private data of 115 million Pakistani mobile users was up for sale on the dark web with a price tag of $2.1 million.
“It is still a claim that data of 115 million Pakistani users has been breached but we are trying to verify the authenticity of the claim by someone on dark web,” Chairman PTA Major General (R) Amir Azeem Bajwa told Arab News, and said the authority had contacted all mobile operators.
“There are multiple reports we are receiving during our investigation as few claims are surfacing that it is old data,” Bajwa said and added that the authority would be able to get to the bottom of the matter in a week.
Meanwhile, Chairman of the Senate Standing Committee on Interior, Senator Rehman Malik has sought a report from the interior ministry on the matter of the data breach.
Pakistan’s Minister for Telecom, Syed Aminul Haque, said on Sunday the government is taking steps to ensure the safety of cyber data and working on new legislation for the country’s cybersecurity.
“The Information Technology (IT) and Telecommunication ministry along with other relevant departments will ensure safety and protection of private data of all the Pakistanis,” Haque told Arab News via telephone from Karachi.
The minister said the IT ministry had conducted “several meetings” to ensure the online data of Pakistanis was protected, and said the government was working on legislation for cyber data protection. He added it was the responsibility of the government to stop any such security breaches, as the information at hand was both sensitive and personal.
In April last year, Pakistan’s IT ministry had announced that a comprehensive cybersecurity policy would be introduced soon-- no policy has been announced so far.
And though the country has placed great importance on countering and policing the spread of content and information through special cyber laws in recent years, these have remained specific to cyber-crime and not cyber-security.
“Pakistan does not have any national cybersecurity policy and government should develop a cybersecurity policy on priority,” Ammar Jafri, former head of the Federal Investigation Agency’s (FIA) National Response Center for Cyber Crime wing told Arab News, and added that the risk of data breaches had increased due to an increase in online activities following pandemic-related lockdowns around the world.
Jafri was instrumental in drafting Pakistan’s first cybersecurity policy in 2012 which is still pending approval.
A senior FIA cyber wing official told Arab News on condition of anonymity that the matter has still not been referred to the agency so far.
“PTA is investigating the issue and it has not been referred to FIA from the concerned authorities so far,” he said.
“FIA will provide all its assistance when it will be assigned the task.”