muhammadhafeezmalik said: FIA says NADRA’s biometric data ‘compromised’







The Federal Investigation Agency (FIA) on Thursday informed a National Assembly panel that the National Database and Registration Authority’s (Nadra) biometric data had been hacked fake SIMs were being exported.



However, FIA Cybercrime Wing Additional Director Tariq Pervez, who told this to the National Assembly Standing Committee on Information Technology, later tried to clarify this claim.



"We have unearthed that Nadra's data has been compromised, it has been hacked,” the FIA official told the meeting, chaired by Ali Khan Jadoon, who belongs to the ruling PTI.



He added that the FIA had seized around 13,000 fake SIMs during a crackdown in Faisalabad, adding that 89,000 complaints had been received by the agency’s cybercrime wing, but it did not have the sufficient number of employees to address them on a daily basis.



"The FIA's cybercrime wing only has 162 investigation officers.”



At the same time, his statement created warning signs among the MNAs and queries were presented before the official related to Nadra’s data theft.



Soon, the additional director altered his statement saying that Nadra's data had not been hacked, but its biometric system was compromised that was used during the SIM verification process.



He also told the committee that whenever they traced culprits behind financial fraud cases, they usually turned out to be an elderly person or a woman, whose data was being used by someone else for the crime.



However, Nadra has refuted the claims of the FIA official. In a statement, a Nadra spokesperson said that the public biometric data was completely safe and not hacked.



“The FIA [official’s] statement regarding the hacking of biometric data is based on a misunderstanding,” the spokesperson added.



“Nadra will seek a clarification from the FIA over the ‘unnecessary statement and misrepresentation’ of the issue.”



The NA panel, while discussing the availability of illegal SIMs in the country, unanimously stressed the need for overcoming this challenge.

It emphasised on increasing the capacity building of relevant institutions to ensure cybersecurity in the country.



Responding to the concerns of the committee members, Pakistan Telecommunication Authority (PTA) Chairman Maj Gen (retd) Amir Azeem Bajwa said that no mobile phone company had been given permission to sell SIMs at door-to-door basis.



"There has been a 600% decrease in the sale of illegal SIMs during the past one year," he maintained.



The PTA chairman clarified that the culprits obtained thumbprints of unaware people -- mostly elderly or uneducated women -- for various purposes including receiving digital payments and these biometric verifications were used to obtain SIMs.



He added that some other illegal methods had been used to copy thumbprints, but the system was being phased out.

“The live fingerprint detection system is being introduced to eliminate the use of silicon thumbs.”



The PTA chairman further told the committee that two mobile phone operators had been fined Rs100 million and Rs50m respectively for showing carelessness while issuing SIMs.

“Over 0.53 million SIMs have been blocked after receiving complaints.”



Bajwa said 175,000 illegally issued SIMs had been blocked since November 2020, which included over 2,600 in October this year.

He further informed the committee that complaints could be lodged against those, who were involved in sending messages related to financial fraud at the authority's website.

The committee was briefed by IT Secretary Dr Sohail Rajpur over the social media rules and the National Cyber Security Policy 2021.



The chairman of the committee stressed the need for keeping the national interest and national perspective into consideration while formulating laws.

However, the MNAs mainly belonging to the PML-N and PPP, argued that the rules and regulations should be framed after consultation with public representatives.

The chairman decided for a separate briefing on the social media rules.



Regarding National Cyber Security Policy 2021, the committee unanimously stressed for strong measures to secure data, related to national security and individuals’ privacy in particular.

MNA Munaza Hassan of the ruling PTI briefed the committee about the salient features of the visit of a parliamentary delegation under chairmanship of National Assembly speaker to Azerbaijan last month. She added that there was a significant potential of IT exports to Azerbaijan.



FIA says NADRA’s biometric data ‘compromised’ | The Express Tribune After telling NA panel that information was 'hacked', agency’s official tries to clarify his claim

If FIA's assertions are true than it will be 3rd major hacking incident after FBR and NBP data theft under this government. After telling NA panel that information was 'hacked', agency’s official tries to clarify his claimThe Federal Investigation Agency (FIA) on Thursday informed a National Assembly panel that the National Database and Registration Authority’s (Nadra) biometric data had been hacked fake SIMs were being exported.However, FIA Cybercrime Wing Additional Director Tariq Pervez, who told this to the National Assembly Standing Committee on Information Technology, later tried to clarify this claim."We have unearthed that Nadra's data has been compromised, it has been hacked,” the FIA official told the meeting, chaired by Ali Khan Jadoon, who belongs to the ruling PTI.He added that the FIA had seized around 13,000 fake SIMs during a crackdown in Faisalabad, adding that 89,000 complaints had been received by the agency’s cybercrime wing, but it did not have the sufficient number of employees to address them on a daily basis."The FIA's cybercrime wing only has 162 investigation officers.”At the same time, his statement created warning signs among the MNAs and queries were presented before the official related to Nadra’s data theft.Soon, the additional director altered his statement saying that Nadra's data had not been hacked, but its biometric system was compromised that was used during the SIM verification process.He also told the committee that whenever they traced culprits behind financial fraud cases, they usually turned out to be an elderly person or a woman, whose data was being used by someone else for the crime.However, Nadra has refuted the claims of the FIA official. In a statement, a Nadra spokesperson said that the public biometric data was completely safe and not hacked.“The FIA [official’s] statement regarding the hacking of biometric data is based on a misunderstanding,” the spokesperson added.“Nadra will seek a clarification from the FIA over the ‘unnecessary statement and misrepresentation’ of the issue.”The NA panel, while discussing the availability of illegal SIMs in the country, unanimously stressed the need for overcoming this challenge.It emphasised on increasing the capacity building of relevant institutions to ensure cybersecurity in the country.Responding to the concerns of the committee members, Pakistan Telecommunication Authority (PTA) Chairman Maj Gen (retd) Amir Azeem Bajwa said that no mobile phone company had been given permission to sell SIMs at door-to-door basis."There has been a 600% decrease in the sale of illegal SIMs during the past one year," he maintained.The PTA chairman clarified that the culprits obtained thumbprints of unaware people -- mostly elderly or uneducated women -- for various purposes including receiving digital payments and these biometric verifications were used to obtain SIMs.He added that some other illegal methods had been used to copy thumbprints, but the system was being phased out.“The live fingerprint detection system is being introduced to eliminate the use of silicon thumbs.”The PTA chairman further told the committee that two mobile phone operators had been fined Rs100 million and Rs50m respectively for showing carelessness while issuing SIMs.“Over 0.53 million SIMs have been blocked after receiving complaints.”Bajwa said 175,000 illegally issued SIMs had been blocked since November 2020, which included over 2,600 in October this year.He further informed the committee that complaints could be lodged against those, who were involved in sending messages related to financial fraud at the authority's website.The committee was briefed by IT Secretary Dr Sohail Rajpur over the social media rules and the National Cyber Security Policy 2021.The chairman of the committee stressed the need for keeping the national interest and national perspective into consideration while formulating laws.However, the MNAs mainly belonging to the PML-N and PPP, argued that the rules and regulations should be framed after consultation with public representatives.The chairman decided for a separate briefing on the social media rules.Regarding National Cyber Security Policy 2021, the committee unanimously stressed for strong measures to secure data, related to national security and individuals’ privacy in particular.MNA Munaza Hassan of the ruling PTI briefed the committee about the salient features of the visit of a parliamentary delegation under chairmanship of National Assembly speaker to Azerbaijan last month. She added that there was a significant potential of IT exports to Azerbaijan. Click to expand...

Not the first or the last time this has/will happen sadly.And that's all NADRA can do....deny stuff.....not upgrade and get better.