NewKerala.com

Pakistan Senate Panel Warns of Major Cyber Lapses, Citizen Data at Risk

A Pakistani Senate committee has raised alarms over severe and systemic cyber security failures within key government institutions like NADRA and the FBR, leading to sensitive citizen data being leaked and sold on the dark web. Lawmakers warned that the breaches suggest possible insider involvement and highlight deep-rooted structural weaknesses. The crisis extends to the private sector, with banks and telecom companies also vulnerable due to outdated systems and a lack of legal mandates for security investment. Critics warn the government's rapid digitalization drive, including the Digital Nation Pakistan Act, is dangerously outpacing the implementation of robust cyber safeguards and a comprehensive data protection law.

Key Points: Pakistan Senate Flags Critical Cyber Security Failures

  • Systemic govt cyber failures
  • Sensitive citizen data leaked
  • Data sold openly on dark web
  • No comprehensive data protection law
  • Digital push lacks security
3 min read

Pakistan's senate panel flags serious cyber security lapses, warns citizens' data at risk

Senate committee warns of systemic cyber security lapses in Pakistan, exposing sensitive citizen data from govt bodies like NADRA and FBR on dark web.

"combined data taken from NADRA, the FBR and even banks is openly available on the dark web - Senator Afnanullah Khan"

New Delhi, Jan 25

A recent hearing of the Senate Standing Committee on Interior has raised serious concerns about the poor state of cyber security in Pakistan, especially within key government institutions such as NADRA and the Federal Board of Revenue.

Lawmakers were told that repeated cyber breaches in these organisations have led to the leakage of sensitive personal data of citizens, highlighting major failures in data protection, according to a Business Recorder report.

Senator Afnanullah Khan spoke strongly on the issue and warned that the frequent theft of data from official databases could even suggest the involvement or negligence of insiders.

He said the situation reflects not just isolated lapses but deep-rooted structural weaknesses in Pakistan's overall cyber security system.

According to him, combined data taken from NADRA, the FBR and even banks is openly available on the dark web, showing how serious and widespread the problem has become.

The threat is not limited to government departments alone. Private sector entities, including banks, telecom companies and digital platforms, are also vulnerable to hacking and data leaks.

Many of these organisations still rely on outdated security systems and lack strong mechanisms to respond quickly when breaches occur.

Meanwhile, cybercriminals are using more advanced methods such as automated attacks, social engineering and linking data from multiple sources to make money from stolen information on a large scale.

Despite these risks, cyber security is still not treated as a major governance or business priority in the country.

Experts believe there is a clear lack of long-term investment, strict enforcement and accountability, which leaves both state institutions and private companies exposed in an increasingly hostile digital world.

This comes at a time when the government is actively promoting digitalisation. The Digital Nation Pakistan Act, passed last year, aims to build a strong digital economy and governance system by expanding digital services and providing digital identities to citizens.

However, critics warn that this rapid push towards digitalisation has not been matched with adequate safety measures.

Expanding digital systems without strong safeguards creates large central data pools, increases points of attack and makes the impact of breaches far more damaging.

Observers stress that any move towards digital platforms must go hand in hand with robust and continuously updated cyber security systems.

It is particularly worrying that Pakistan still does not have a comprehensive data protection law to safeguard personal and financial information.

There is also no legal requirement forcing organisations to invest in cyber security infrastructure or to prepare for threats such as hacking, identity theft and online fraud. In fact, some recent government actions have made the situation worse.

Steps like slowing down internet speeds and trying to restrict the use of VPNs have drawn criticism for showing a poor understanding of digital security.

Slower internet can delay important security updates, while restricting VPNs weakens online privacy and exposes sensitive data.

This, experts say, makes both public and private systems more vulnerable to cyberattacks.

- IANS

Share this article:

Reader Comments

S
Sarah B
As someone working in IT security, the mention of outdated systems and lack of incident response is a global red flag. Digitalization without security is like building a house without a foundation. Hope Indian policymakers are taking notes.
P
Priyanka N
The part about data being sold on the dark web is terrifying for ordinary citizens. It's not just about privacy, it can lead to real financial fraud and identity theft. Every country, including ours, needs strong data protection laws. Jai Hind.
R
Rahul R
While the situation there seems dire, let's not point fingers. We have our own challenges. I remember reading about some data breaches in Indian banks too. The focus should be on learning and improving security standards across the subcontinent.
A
Aman W
Slowing internet and banning VPNs to "improve security" shows a fundamental misunderstanding. It actually makes systems *more* vulnerable! Hope our TRAI and IT Ministry never consider such backward steps. We need faster internet and *more* secure tools, not less.
K
Kavya N
This is why digital literacy is so important. We can have the best laws, but if citizens don't know how to protect their own data online, they remain at risk. Schools and colleges in India should include basic cyber hygiene in the curriculum.

We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.

Leave a Comment

Minimum 50 characters 0/50