In a recent follow-up report, it was disclosed that despite raising the alarm nearly a year ago, the illegal trade of personal data — including that of federal ministers, senior officials, and ordinary citizens — continues on various online platforms, without any serious government intervention.
The report detailed that multiple websites are actively offering access to private information for fixed prices. These include mobile phone location data available for Rs500, mobile usage records for Rs3,500, and international travel history for Rs5,000.
More concerning is the sale of data tied to International Mobile Equipment Identity (IMEI) numbers for Rs25,000, along with colored photocopies of citizens CNICs (Computerized National Identity Cards).
Why IMEI Leaks Are Dangerous
The IMEI number, a unique identifier for each mobile device, is typically used by telecom operators to authenticate phones on their networks, block stolen devices, or assist in recovery efforts. However, in the wrong hands, it poses a serious privacy threat.
Criminals with access to an IMEI number can potentially monitor a person’s location using telecom data. In more severe cases, IMEI cloning — the duplication of this identifier onto another device — can allow someone to impersonate the victim’s phone on the network. This can lead to phones being falsely reported as stolen or even blacklisted, rendering them useless.
When paired with other leaked data, such as call records or ID card copies, IMEI-related data can enable scammers and fraudsters to create detailed profiles of individuals. These profiles may then be used for targeted fraud, identity theft, blackmail, or other malicious purposes.
Data misuse beyond digital crime
The investigation also warned of offline consequences, citing cases where victims had no idea their personal information was being misused — such as in legal bail proceedings or fraudulent property transactions.
Despite the severity of the issue, the report raised questions about the lack of enforcement or regulation, asking why the sale of private data remains unaddressed even after being highlighted nearly a year ago.
Also Read: Punjab govt announces electricity and tax relief for flood victims
Government response
In response to the latest report, Interior Minister Mohsin Naqvi took notice of the situation and ordered the National Cyber Crime Investigation Agency (NCCIA) to launch a formal investigation.
According to the Interior Ministry, the Director General of NCCIA has constituted a dedicated inquiry team tasked with examining every aspect of the data breaches. The team has been directed to present its findings within 14 days.
“The investigation team will thoroughly probe how the data was accessed and sold, identify those responsible, and ensure they are held accountable under the law,” a ministry spokesperson said.
