FB pixel

Alleged massive NADRA breach does not include biometrics; evidence pending

Alleged massive NADRA breach does not include biometrics; evidence pending
 

A joint investigation team told Pakistan’s Interior Ministry this week that a breach from NADRA’s national identity database has been confirmed, Geo News reports. The announcement is the latest twist in a saga in which accusations and denials have been far more plentiful than presentations of evidence.

As many as 2.7 million people’s records are involved, according to investigators.

The joint investigation team was headed by an official from the Federal Investigation Agency (FIA). It says that data was stolen from servers in Multan, Karachi and Peshawar. The team recommended that legal action be taken against NADRA senior officials responsible at the time. The breach took place between 2019 and 2023, according to Geo. The Deccan Chronicle reports that an upgrade of NADRA’s technology is also recommended.

Usman Mobin served as chairman of NADRA from 2015 to 2021, and Tariq Malik served as chairman from June of 2021 to June of 2023. They are the only civilian heads of NADRA in the agency’s history. The agency is now chaired by Lieutenant General Muhammad Munir Afsar.

The report also contains sensational allegations of the data being traced to Argentina and Romania via Dubai.

A source familiar with the security incident who declined to be named tells Biometric Update that no biometric data was breached in the attack. The source confirmed that text data such as names, mobile numbers and addresses of NADRA-holders was breached.

The source said the breach was the result of a supply chain attack involving a PTCL router deployed to a NADRA facility in Multan, Punjab. The breach also began earlier than investigators claim, in 2016, according to the anonymous source.

Biometric Update is unable to confirm either the details provided by the FIA-led investigation or the anonymous source.

Perhaps most curious is uncertainty about whether the breach is new information. An FIA official told a parliamentary panel that a NADRA biometric database was compromised in November, 2021. The accusation was denied by NADRA, and Malik said at the time that the allegations were intended to sow chaos and undermine public trust in the institution.

Malik resigned amid a polarized political environment. This occurred shortly after NADRA sacked over a hundred employees for violations of data security measures, several of whom had been found responsible for leaking personal data belonging to a senior military official and his family following four investigations ordered by Malik, Dawn reported. NADRA had also introduced several data protection measures, including a system for notifying people when their records are accessed.

By then, the story of the NADRA breach had already had a winding journey, with an initial report denied in its entirety by the FIA as “not based on facts.”

Related Posts

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

New South Wales Digital Strategy is building a roadmap to inclusion and safety

Chris Minns’ Labour government has launched its new digital roadmap for New South Wales, Australia’s most populous state and home…

 

Worldcoin waves in more applications for expanded grant program

Worldcoin has shifted their grant program to fund innovation in its World ID project, decentralized identity and growth initiatives, says…

 

MDL interoperability put to the test amid standardization, adoption push

Australia’s National Digital Trust Service (DTS) for digital driver’s licenses has passed an interoperability road test based on international standards….

 

Governments need digital ID verification strategies to beat rampant fraud

“The concept of digital IDs is relatively straightforward”: so says a piece in Nextgov/FCW, covering fresh legislative efforts to win…

 

Infrastructure challenges impacting NIN card production says UrbanID exec

Acute infrastructural challenges stand in Nigeria’s way as the country carries on with the issuance of mobile digital ID as…

 

Philippines agency to print national ID cards itself

The Philippine Statistics Authority (PSA) is switching up where it is printing PhilSys ID cards following the termination of the…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

DIGITAL ID for ALL NEWS

Featured Company

ID for ALL FEATURE REPORTS

BIOMETRICS WHITE PAPERS

BIOMETRICS EVENTS

EXPLAINING BIOMETRICS