Rewterz Threat Intelligence, a Pakistan-based cybersecurity company, discovered an advertisement on the dark web offering the data of 115 million Pakistani mobile users for sale, posted by an undisclosed hacker.
Researchers at Rewterz said that the threat actors are financially motivated, as they have set a minimum price of 300 bitcoins, approximately $2.1 million, for the leaked data. Researchers added that the threat actors hold a premium account on the dark web forum where the data has been advertised. According to the advertisement, the data dump came from a recent hack and was still being updated. However, it is still unclear whether one specific telecom operator, several, or all telecom operators in Pakistan fell victim to this attack, and whether the data was collected through a single data breach or over a period of time from multiple data breaches.
The threat actors have organized the data neatly in a CSV file. It contains personally identifiable information (PII) for every user listed, including name, address, and phone numbers as well as CNIC and NTN numbers.
The Dark Web Ad says…
PM (personal message) offers and Questions
Database is freshly hacked this week. That data was still being updated as I took the data down. Beautifully organized in a CSV with headers for your pleasure.
Headers: ID, MSISDN, ACT_DATE, STATUS, L_DATE, NAME, CNIC, TAX_NO, ADDRESS, PHONE1, PHONE2, CITY, REGION
Starting Cost: 300BTC (Bitcoins)
Rewterz researchers said, “It might be possible that these (compromised) telecoms companies have failed to disclose the data breach because they aren’t aware of the hack or have intentionally opted not to reveal it. Either way, it’s concerning for customers whose information has been published.”
Freedom Mobile Users’ Data Leak
Earlier, Freedom Mobile, a Canada-based mobile network company, suffered a data breach that exposed the personal information of around 1.5 million of its customers. According to the security researchers Noam Rotem and Ran Locar from the security firm vpnMentor, a technical glitch in an Elasticsearch server exposed five million logs that contained Freedom Mobile customers’ data. The researchers stated the server was left online without password protection, allowing anyone to access the data.
Freedom Mobile stated the unprotected server revealed its users’ sensitive information, including customer names, email addresses, phone numbers, postal addresses, dates of birth, customer types, Freedom Mobile account numbers, and credit card information.