A new data safety breach has been discovered in Pakistan, where several websites offer access to the CNIC and address details of mobile users by entering their phone numbers. The websites claim to provide a service for verifying the identity and location of mobile users, but they also expose sensitive personal information that could be misused by malicious actors.
The websites are allegedly using the data from a massive data leak that occurred last month, when a hacker leaked online the personal information of 44 million Pakistani mobile users, as part of a larger data dump of 115 million records. The data breach included customer names, home addresses, national identification numbers, mobile phone numbers, landline numbers, and dates of subscription.
The leaked data poses a serious risk to the privacy and security of millions of Pakistani mobile users, as it could be used for identity theft, fraud, phishing, and other cybercrimes. Moreover, the data could also expose the link between the mobile numbers and the national identification numbers (CNIC) of the users, which are considered sensitive and confidential information in Pakistan.