2.2 Million Pakistanis’ Data Exposed In Restaurant Database Hack

(CTN News) – Geo News reported on Wednesday that the personal information of 2.2 million Pakistani citizens has been compromised and is now available for sale on the internet.

This breach occurred when hackers managed to access a private company’s database, which is utilized by hundreds of restaurants.

Reportedly, the hackers have showcased certain citizens’ data as examples in their online sale advertisement.

In their claim, the hackers stated, “We have successfully breached the databases of more than 250 restaurants,” and proceeded to list the names of numerous food establishments.

Breach of Citizen Data in Pakistan: Contact Numbers and Credit Card Details Exposed

As per the available information, the compromised citizen data includes their contact numbers and credit card details. The software that was breached is widely used by hundreds of restaurants across the country.

Furthermore, these details, such as the frequency of transactions and the amounts paid by citizens, are now accessible online for purchase.

The asking price for this citizen data is 2 Bitcoins, equivalent to approximately $54,000 based on a market value of $27,000 per Bitcoin, according to market sources. In Pakistani rupees, this amounts to over Rs15 million.

Notably, the Federal Investigation Agency’s (FBR) cybercrime circle has not yet received any complaints regarding this incident.

It’s important to mention that the federal government recently issued advice to all information technology (IT) and financial institutions, as well as regulators, urging them to avoid collaborating with, installing, or using Indian-origin artificial intelligence (AI) and information and communication technology (ICT) products.

Warning of Potential Threats to Pakistan’s Critical Information Infrastructure (CII) from Indian-Origin AI and ICT Products

The reason cited is the potential threat these products pose to Pakistan’s critical information infrastructure (CII).

This advisory, shared with federal and provincial ministries, highlights that AI products and services are globally utilized across various industries, including the financial and banking sectors, to boost enterprise growth.

The document also noted that certain fintech entities in Pakistan, including a few banks, have engaged with Indian-origin companies offering IT products, cybersecurity solutions, and AI services.

It emphasized the “constant, concealed, and force multiplier threat” to Pakistan’s CII, particularly the banking sector, stemming from Indian security products and solutions.

This threat is attributed to the possibility of backdoors or malware in these products for data collection, including logs and personal identifiable information (PII).

Additionally, it mentioned the potential for direct Indian access to Pakistan’s CII through technical means and access control, with passive monitoring capabilities.