The Federal Investigation Agency's (FIA) cybercrime wing has unearthed that the National Database and Registration Authority's (Nadra) biometric data has been hacked while fake SIMs are being exported, it emerged on Thursday.
During a briefing to the National Assembly Standing Committee on Information Technology and Telecommunication, FIA Cybercrime Wing Additional Director Tariq Pervez made the revelation about Nadra's biometric data. "Nadra's data has been compromised, it has been hacked," he said.
In a later statement, he attempted to clarify his remarks and said that all of Nadra's data had not been hacked. "During the SIM verification process involving biometric data, Nadra's biometric system is compromised," he said, without providing further explanation.
The FIA official told the NA body that 13,000 fake SIMs were seized during a crackdown in Faisalabad. He stated that the wing had received 89,000 cybercrime complaints so far, and did not have the sufficient number of staff to address the complaints reported on a daily basis.
"The FIA's cybercrime wing only has 162 investigation officers," he said.
He also told the NA body that whenever they trace culprits behind financial fraud cases, they usually turn out to be an elderly person or a woman, whose data is being used by the real culprits.
Meanwhile, the Pakistan Telecommunication Authority (PTA) Chairman retired Maj Gen Amir Azeem Bajwa said that no mobile phone company had been given permission to sell SIMs door-to-door. "There has been a 600 per cent decrease in the sale of illegal SIMs during the past one year," he said.
He said that people's thumbprints are taken using "illegal methods", adding that the thumbprint system was now being phased out.
Two mobile phone operators have been fined Rs100 million and Rs50m, respectively, while more than 0.5m SIMs have been blocked, he said.
The PTA chairman said that 26,000 fake SIMs were found during the month of October. He added that a complaint can be lodged against those who involved in sending messages of financial fraud on the authority's website.
On August 31, Nadra launched a mobile phone application which enabled citizens to use their smartphones for biometric verification.
Last year in April, a data breach involving the sale of data of 115 million Pakistanis on the darknet was reported. However, the interior ministry later told the Sindh High Court that no data related to Pakistani mobile users was leaked on Nadra's part.