Three suspects have been arrested in Lahore after the National Cyber Crime Investigation Agency (NCCIA) dismantled an illegal network selling confidential mobile user data, acting on a complaint filed by the Pakistan Telecommunication Authority (PTA).
The joint operation led to the recovery of five mobile phones, eight biometric devices, 43 suspected SIM cards, and other sensitive digital records. Investigators found evidence that the data was being bought and sold through WhatsApp.
According to the PTA, the suspects allegedly traded call detail records (CDRs), IMEI numbers, subscriber information, and users location data. The recovered material also included citizens fingerprints, national identity card details, and records related to financial transactions.
A case has been registered against those arrested, and authorities are working to identify and apprehend other individuals suspected of links to the network. Forensic analysis is underway to gather further evidence as the investigation continues.
The PTA said protection of consumers personal and confidential data remains a top priority and that legal action against those involved in the illegal trade of sensitive information will continue.
The operation follows an earlier disclosure by PTA Chairman Major General (R) Hafeez-ur-Rehman, who told the Senate Standing Committee on Information Technology and Telecommunication last year that personal data of Pakistani citizens had been found on the dark web.
The committee, chaired by Senator Palwasha Mohammad Zai Khan, had taken up media reports of a major data breach in the telecom sector.
The PTA Chairman told the committee that a report on the matter had surfaced three weeks earlier and that verification confirmed the presence of Pakistani citizens data on the dark web. He said the leaked material included copies of national identity cards (CNICs), travel history, and mobile SIM details.