A spokesperson for Pakistan’s National Cyber Emergency Response Team (NCERT) confirmed on Tuesday that no breaches had been reported by any government agency or private organisation following a significant global data exposure incident affecting 184 million internet users.
NCERT issued an advisory regarding a massive data breach involving an unencrypted, publicly accessible file containing over 184 million unique account credentials, according to Arab News.
The exposed data includes usernames, passwords, email addresses, and linked URLs to services such as Google, Microsoft, Apple, Facebook, Instagram, Snapchat, along with various government portals, banking institutions, and healthcare platforms worldwide.
“As of now, we have not received any reports of data breaches from any government or private organisation in Pakistan,” said Syed Imran Haider, NCERT spokesperson.
He added that the team remained “vigilant, in contact with all relevant departments, and working around the clock” to monitor the situation. “We are actively engaged with global CERTs and international cybersecurity platforms,” he noted.
The leaked database is believed to have been compiled using infostealer malware, a malicious software designed to extract sensitive data from compromised systems. The data was left unprotected, stored in plain text without encryption or password safeguards.
In response, NCERT has advised all users to change their passwords, particularly those reused across multiple services, and to enable multi-factor authentication on sensitive accounts.
“Users should also consider using unique, complex passwords for each online service and avoid storing passwords in unprotected files,” Haider added.
Cybersecurity experts have warned that Pakistani users are at risk of identity theft, account hijacking, and financial loss due to the exposure of sensitive login credentials.
Dr Shahid Sultan, a cybersecurity expert, stated that banking and financial accounts could be particularly vulnerable to unauthorized transactions.
“Users and organizations are urged to remain vigilant, monitor login activities for irregularities, and act on the precautionary measures recommended by NCERT,” Dr. Sultan said.
