Data of 2.7 million Pakistanis was stolen between 2019 to 2023 with the help of National Database and Registration Authority’s (NADRA) offices of Multan, Peshawar and Karachi.
A Joint Investigation Team (JIT) delivered a report on Tuesday to the interior ministry concerning the (NADRA) breach of citizens’ data.
The Public Accounts Committee (PAC) directed the Interior Ministry to investigate the data breach with the cooperation of the Pakistan Telecommunication Authority (PTA), the Federal Investigation Agency (FIA), and Military Intelligence.
The JIT’s findings revealed that the data moved from Multan to Peshawar, then was transferred to Dubai, and eventually sold in Argentina and Romania.
The JIT urged disciplinary measures against certain high-ranking NADRA officials. The joint investigation team, led by the FIA Director of Cybercrime, was established to look into the March 2023 cyberattack, which compromised the personal details of citizens, including military personnel.
Following the investigation, the JIT reported its findings to then-interim Prime Minister Anwaarul Haq Kakar.
The acting prime minister directed NADRA to take necessary steps according to the JIT’s suggestions and findings.
Corrective measures
The report outlined proposed safeguards for citizens’ data, encompassing both regulatory and technological advancements.
In response to the Prime Minister’s directive, the authorities initiated compliance actions. Furthermore, the report highlighted that these initiatives would enhance emergency service delivery and bolster standard database security.
