ISLAMABAD:
The country’s top security czar has finally taken notice of the illegal sale of citizens’ private data on various internet platforms after Express News highlighted the issue in an exclusive report. Express News had brought the issue into the spotlight first in October 2024.
Express News revealed on Sunday that despite its earlier report, private data of Pakistani citizens — from federal ministers and senior government officials to ordinary people — is available for sale on various websites without any government authority taking any action.
According to the report, dozens of websites exist online where citizens’ data is openly listed for sale, with fixed rates. At these platforms, mobile phone location is available for Rs500, mobile data record details for Rs3,500 and foreign travel details for Rs5,000.
They also offer information linked to an International Mobile Equipment Identity (IMEI) number for Rs25,000 while colored copies of citizens’ computerized national identity cards (CNICs) are also being sold on these sites.
The IMEI number is a unique code that identifies every mobile phone. Normally, it is used by telecom operators to register a device on the network, block stolen phones, or help in recovery. However, if this number falls into the wrong hands, it can be misused in several ways.
One of the biggest risks of leaking an IMEI number is tracking. With access to telecom databases, criminals can use an IMEI number to trace the movements and location of a phone.
Another danger is cloning, where the IMEI is copied onto another device, allowing someone to impersonate a phone on the network. In some cases, a phone could even be falsely reported as stolen and blocked, making it useless on mobile networks.
When an IMEI number is combined with other leaked personal information, such as identity card copies or call records, it becomes even more dangerous. Criminals can build a detailed profile of a person’s contacts, habits, and movements, and then exploit this data for scams, fraud, or blackmail.
The report highlighted that criminal groups might use this data for financial fraud, deception, and harming people. In some cases, individuals might not even know that their identity card had been misusedfor instance, in court bail processes or fraudulent transactions involving property.
It questioned why the practice of selling data was still going on unchecked despite the fact that it had already been highlighted in October 2024.
Following the broadcast of this news report, Interior Minister Mohsin Naqvi took notice of the matter and directed the National Cyber Crime Investigation Agency (NCCIA) to conduct an inquiry.
The NCCIA director general later formed a special investigation team and ordered it to submit its report within 14 days. “The team has been tasked to investigate all aspects of the data leak, and based on its findings, those involved will be identified and brought to justice,” said an Interior Ministry spokesperson.
