Today: June 2, 2025
Subscribe
·
6 days ago
20 views

Massive Cybersecurity Breach: Over 180 Million Pakistani Credentials Exposed

PKCERT issues urgent cybersecurity advisory as credentials from tech giants, banks, and government portals are leaked

Massive Credential Leak Affects Millions in Pakistan

The National Cyber Emergency Response Team (PKCERT) has issued a critical cybersecurity advisory revealing that over 180 million user credentials have been stolen in a global data breach. The compromised data includes usernames, passwords, emails, and URLs linked to major platforms such as Google, Microsoft, Apple, Facebook, Instagram, and Snapchat, as well as sensitive government, healthcare, and financial services.

The leaked database was reportedly discovered in the form of a publicly accessible and unencrypted plain text file, which included login details stolen using infostealer malware — malicious software designed to extract sensitive data from infected systems.

High Risks of Identity Theft and Account Takeovers

According to the advisory, the breach poses severe cybersecurity threats, including:

  • Identity theft

  • Unauthorized access to government portals and sensitive services

  • Phishing attacks and credential stuffing

  • Targeted social engineering

  • Malware deployment using compromised accounts

The database was hosted publicly without any authentication or encryption and contained credentials from both individuals and large organizations, including government institutions and private enterprises.

PKCERT has urged users to take immediate action to mitigate risks, including:

  • Changing passwords immediately across all platforms

  • Enabling multi-factor authentication (MFA)

  • Avoiding password reuse

  • Using secure password managers for account safety

Additionally, the agency recommends annual password updates and checking breach status using credible online tools.

PKCERT and Government Response

As the lead federal entity in cybersecurity oversight, PKCERT emphasized the importance of public awareness and digital hygiene in the wake of this unprecedented breach. The advisory also calls for user education, prompt credential changes, and continuous vigilance.

This breach comes in the aftermath of a similar incident investigated in March 2024, where credentials of 2.7 million citizens were leaked from NADRA offices in Karachi, Multan, and Peshawar. The Joint Investigation Team (JIT) probing that case recommended disciplinary action against several officials.

With cyber threats evolving rapidly, PKCERT’s latest advisory signals a crucial turning point for digital security in Pakistan. Ensuring nationwide cybersecurity readiness is now more critical than ever.

Author

Tags

Leave a Reply

Your email address will not be published.

Arshad Chaudhry

Related Posts

Don't Miss

Pakistan Embraces Crypto: First Government-Backed Bitcoin Reserve Announced