In a security lapse, an investigative team has confirmed the theft of personal data belonging to 2.7 million citizens from Pakistan’s National Database and Registration Authority (NADRA).
According to sources, a report presented to the Ministry of Interior by a joint investigation team (JIT) detailed a data breach spanning from 2019 to 2023.
The joint investigation team (JIT), led by Syed Waqaruddin of the Federal Investigation Agency (FIA), included esteemed representatives from Pakistan’s premier intelligence agencies as well as officials from NADRA. Through meticulous investigations, the team determined that the security breach originated from NADRA’s offices in Multan, Karachi, and Peshawar.
The report suggests that senior officials’ negligence at these locations facilitated the data theft, recommending accountability measures. Further investigation traced the data’s movement from Multan to Peshawar and ultimately to Dubai. Evidence indicates the compromised data was likely sold in Argentina and Romania.
This investigation was initiated following a cybersecurity incident in March 2023, which brought the vulnerability of critical data to the forefront after leaks involving senior military officials were reported in the media.