ISLAMABAD: The National Cyber Crime Investigation Agency (NCCIA) has arrested a gang involved in stealing and selling sensitive personal data of senior Pakistani officials to foreign intelligence networks.

NCCIA Director General Syed Khurram Ali confirmed the operation, stating the suspects had been under surveillance for several months.

According to the agency, the gang accessed and shared call records, Computerised National Identity Cards (CNICs), passports, and other confidential documents.

The arrests were made in a coordinated operation in Lahore and Karachi.

DG Syed Khurram Ali said the gang was primarily targeting high-profile individuals including government officials, military personnel, and businessmen.

“These elements were compromising national security by leaking sensitive information for financial gain,” he said in an official statement.

NCCIA sources revealed that at least eight suspects have been taken into custody. Preliminary investigations suggest links to foreign handlers operating from outside Pakistan.

The agency recovered multiple devices containing thousands of records during the raids. These included scanned copies of passports, detailed call logs spanning several months, and financial transaction data.

Officials said the data was being sold through encrypted channels and dark web platforms. Payment was reportedly received in cryptocurrency.

This case highlights growing concerns over data privacy and cyber espionage targeting Pakistan. In the last fiscal year, NCCIA reported over 4,200 cases of data breaches and identity theft, showing a 28 percent increase from the previous year.

Senior officials from the Federal Investigation Agency (FIA) and Inter-Services Public Relations (ISPR) have been briefed on the latest developments.

The gang reportedly operated in small cells to avoid detection, using local SIM cards and proxy servers. Investigations indicate they had access to insider information from certain government departments.

Background checks on the arrested individuals reveal several had prior records in financial fraud and cyber-related offences.

One key suspect is believed to have worked as a low-level contractor in a government office, providing initial access to databases.

NCCIA has intensified monitoring of similar networks following this bust. The agency is collaborating with international partners on tracing the foreign recipients of the leaked data.

The development comes amid rising cyber threats to Pakistan. According to official estimates, the country faces thousands of daily cyber attacks, many aimed at critical infrastructure and sensitive personal information.

In 2025, Pakistan blocked over 1.2 million malicious URLs and phishing attempts, according to the Pakistan Telecommunication Authority (PTA).

Experts note that stolen CNIC and passport data can be used for identity theft, visa fraud, and targeted intelligence operations. Call records provide patterns of movement and associations that are highly valuable to hostile networks.

The Ministry of Interior has directed all relevant departments to review their data protection protocols following the NCCIA operation.

Public reaction on social media has been sharp, with many users calling for stricter data protection laws and accountability for departments where leaks originated.

Analysts suggest this case underscores vulnerabilities in Pakistan’s digital infrastructure despite significant investments in cyber security. The National Cyber Security Authority has been operational for nearly two years but faces challenges in coordination between civilian and military institutions.

NCCIA officials said further arrests are likely as the investigation widens. The agency is examining possible connections to larger international cyber crime syndicates.

The sensitive nature of the leaked information means the full extent of damage is still being assessed. Officials have assured that immediate steps have been taken to contain the breach.

This operation demonstrates NCCIA’s growing capacity to tackle sophisticated cyber crime networks operating within and outside Pakistan.

The case is expected to lead to stricter regulations on data handling in government institutions. Upcoming reviews may include mandatory two-factor authentication, regular audits, and enhanced employee screening for access to sensitive records.

Regional security implications are also significant, as such leaks can be exploited to undermine diplomatic and defence interests.

Further details are expected in the coming days as the investigation proceeds. NCCIA has appealed to citizens to report suspicious cyber activities through its official helpline.

Authorities continue to monitor related networks, with operations likely to expand in major urban centres.

The outcome of this case will be closely watched by both security institutions and the general public concerned about data safety in an increasingly digital environment.