Officials from the National Database and Registration Authority (NADRA) have informed the Senate Standing Committee on IT and technology that the national identity database is not completely secure despite multiple cybersecurity measures implemented to protect sensitive citizen information.
The disclosure was made during a meeting of the Senate Standing Committee on Information Technology and Telecommunication, where lawmakers questioned officials about possible data leaks and the overall security of digital records.
During the discussion, Senator Dr Afnan Ullah Khan raised concerns and asked whether data belonging to NADRA had appeared on the dark web, prompting officials to clarify the authority’s position.
NADRA representatives told the committee that the authority’s database was not available on the dark web, rejecting claims that its internal systems had directly leaked sensitive citizen records.
However, officials acknowledged that some data linked to NADRA had previously appeared in leaks, explaining that the information had not been compromised from NADRA systems themselves.
They stated that the leaked information originated from other institutions that possessed or processed citizen records, suggesting that weaknesses in external systems may have exposed certain personal data.
NADRA officials also informed lawmakers that around 1,400 firewalls had been purchased and installed at key locations to strengthen cybersecurity and protect sensitive digital infrastructure.
Despite these security upgrades, officials admitted during the committee meeting that the authority’s database could face cyberattacks as complete security against all potential cyber threats is not possible.
