Pakistan’s worst fears over data security are coming true. The personal data of 350,000 Hajj applicants has been leaked and sold on the dark web — and lawmakers are furious over what they call criminal negligence by the government, the PTA, and telecom operators.
Read More: Jazz Selling Your Privacy? Data Breach Scandal Rocks Pakistan’s Biggest Telco
In a tense session of the Senate Standing Committee on IT & Telecom, chaired by Senator Palwasha Khan, members tore into officials over the cascade of breaches that have compromised sensitive data — from SIM cards to NADRA’s national database — all while the government drags its feet on passing the long-delayed Data Protection Bill.
“This is a disaster. If NADRA’s data is compromised, every citizen of Pakistan is exposed,” warned Senator Afnanullah, calling the failure to secure national databases “a very big failure.”
The bombshell disclosure came from PTA Chairman, who admitted not only that the Hajj applicants’ data had been posted online but that his own SIM information has been available on the dark web since 2022 — proof, he said, of systemic telecom data vulnerabilities.
Govt Accused of Protecting Corporations, Not Citizens
Senators accused the government of prioritizing corporate interests while leaving citizens defenseless.
“The very law that could stop this theft — the Data Protection Bill — is being blocked,” Senator Afnanullah fumed, hinting at powerful lobbies stalling reform.
Committee Chair Palwasha Khan didn’t mince words, slamming the IT Ministry’s incompetence and absence from critical sessions. “The IT Minister does not even attend committee meetings,” she said, vowing to expose the attendance record publicly.
Data Breach = National Security Threat
Lawmakers warned that these breaches are not just a governance failure but a direct threat to national security. Senators drew chilling parallels with Iran, where stolen data was reportedly exploited during conflict, leading to targeted strikes.
“Pakistan is sitting on a ticking time bomb,” Senator Kamran Murtaza warned. “If our enemies get hold of this data, they will use it against us.”
Committee Demands Emergency Action
The committee demanded:
- Immediate passage of the Data Protection Bill already approved by cabinet.
- Empowerment of the National Cyber Crime Agency (NCCA) to lead investigations with full resources.
- Accountability of telecom operators and regulators for storing data insecurely.
- A national-level inquiry into repeated SIM and NADRA breaches.
Until then, lawmakers warned, citizens will remain vulnerable, foreign hackers will keep exploiting Pakistani data, and the trust between people and the state will continue to collapse.
“Data protection is not a luxury — it’s a matter of survival,” Palwasha Khan concluded. “Every day of delay is another day we are exposing our citizens to danger.”