Cybercriminals illicitly obtain data from more than 2 million Pakistanis in restaurant breach, now offering it for sale.


Cybercriminals, On Wednesday, it came to light that a group of hackers managed to breach the databases of several restaurants across Pakistan, accessing the personal data of approximately 2.2 million citizens. Shockingly, this pilfered information is now being offered for sale on the internet.

According to a report by Geo News, the hackers have showcased the compromised data of some individuals as a sample in their advertisement, aiming to entice potential buyers.

These cybercriminals assert that they successfully infiltrated a database developed by a private company, which is employed by more than 250 food establishments for processing payments. Additionally, they have disclosed the names of numerous restaurants that have fallen victim to this security breach.

According to available information, the compromised citizen data contains their contact numbers and credit card information. This breached software is widely utilized by hundreds of restaurants across the country.

Additionally, the stolen data includes details such as the number of transactions and the respective amounts paid by citizens, all of which are now accessible for purchase online.

The cybercriminals are offering this citizen data for a price of 2 Bitcoins, equivalent to $54,000 based on the current market value, with one Bitcoin valued at $27,000. In Pakistani rupees, these two Bitcoins amount to over Rs15 million.

As of now, the Federal Investigation Agency’s (FBR) cybercrime circle has not received any complaints regarding this incident.

It’s worth noting that the federal government recently issued a directive advising all IT and financial institutions, including regulatory bodies, to avoid using Indian-origin artificial intelligence (AI)/information and communication technology (ICT) products. This advisory was based on concerns that such products could pose an ongoing concealed threat to Pakistan’s critical information infrastructure (CII).

The government communicated this threat to relevant authorities through a “cybersecurity advisory,” which was shared with federal and provincial ministries and sectoral regulators. The advisory highlighted that AI products and services are globally utilized by various industries, including the financial and banking sectors, to enhance business operations.

However, it raised concerns about the fintech sector in Pakistan, including some banks, engaging with Indian-origin companies offering IT products, cybersecurity solutions, AI, and more. The document pointed out two potential threats: the possibility of backdoors or malware in these products for collecting logs, data traffic analysis, and personal identifiable information (PII), as well as direct Indian involvement in Pakistan’s CII through technical means and access control, allowing passive monitoring.

Visit for more news.

Leave a Reply

Your email address will not be published. Required fields are marked *