Stolen data from 'almost all' Pakistan banks goes on sale on dark web
Hackers stole more than $2.6 million in an audacious ATM cash out using stolen credit and debit card details
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Hackers sole customer data from "almost all major Pakistani banks" and placed it on the dark web, the country's cyber-crime chief has revealed.
The comments from Mohammad Shoaib, director of Pakistan's Federal Investigation Agency (FIA), follow a report from cyber security firm Group-IB that private bank data had been compromised. Group-IB discovered the details for sale in forums on the dark web – a section of the internet only accessible using specialist software.
"Almost all [Pakistani] banks' data has been breached. According to the reports that we have, most of the banks have been affected," Mr Shoaib told Geo News.
"More than 100 cases [of cyber attacks] have been registered with the FIA and are under investigation. We have made several arrests in the case, including that of an international gang."
More than 20,000 users have been affected by the security breach, according to the FIA, with credit and debit card details from potentially 22 Pakistani banks among the data compromised.
Cyber criminals have already cashed out $2.6 million from foreign ATMs, according to the Group-IB report, mirroring a similar attack earlier this year during which hackers syphoned more than 940 million rupees (£10.5 million) from ATMs around the world.
"An interesting fact is that cards from this region are very rare on the [dark web] cardshops," the Group-IB report stated. "In the past six months it is the only one big sale of Pakistan cards."
In a separate interview with Dawn News TV, Mr Shoaib said it was the responsibility of the banks to protect their customers' data.
"The hackers have stolen large amounts of money from people's accounts," he said.
"The recent attack on banks has made it quite clear that there is a need for improvement in the security system of our banks."
The State Bank of Pakistan instructed banks to increase vigilance but denied that it had been the victim of a cyber attack. It also revealed that at least six banks in the country have already suspended the use of its debit cards internationally.
"It has come to our notice that few banks have even withdrawn the facility of cards being used outside Pakistan," Abid Qamar, chief spokesperson for the State Bank of Pakistan, told the Daily Jang.
"Some are [however] allowing this facility upon instructions of their customers only."
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments