Pakistan issues urgent cybersecurity alert after 180 million passwords get exposed in global data breach

ISLAMABAD: Pakistan’s National Cyber Emergency Response Team (NCERT) has issued a critical cybersecurity advisory following the exposure of an unprecedented 180 million user records in a massive global data breach. The breach has compromised over 184 million passwords associated with leading digital platforms, including Google, Microsoft, Facebook, Instagram, Snapchat, and Apple, raising serious concerns for users worldwide, including in Pakistan. 

According to the advisory, the breach stems from the spread of InfoStealer malware, a sophisticated tool designed to silently extract sensitive user data from infected systems. The stolen information includes login credentials, email addresses, and possibly sensitive data from government portals and financial institutions. The scale and scope of the breach have heightened the risk of identity theft, unauthorized account access, and ransomware attacks, prompting immediate warnings from cybersecurity authorities.

Pakistani users, particularly those using popular online platforms or connected to critical infrastructure, have been urged to change the passwords of their accounts without delay. The advisory emphasized that any delay in taking precautionary measures could leave users vulnerable to cyberattacks and financial fraud. 

Moreover, the leak poses a potential threat to national cybersecurity, especially where official government portals and institutional systems may have been compromised.

NCERT has strongly advised users to ensure their accounts are protected with two-factor authentication (2FA) wherever possible. This additional layer of security, the advisory noted, can help prevent unauthorized access even if passwords are stolen. It further warned users to stay vigilant against phishing attempts, particularly suspicious emails or links that may masquerade as password reset requests.

The advisory also underscored the importance of using secure and encrypted password managers to store login credentials, rather than saving passwords in emails or unsecured digital notes. It urged users to keep their antivirus and security software updated at all times and to remain alert to any unusual login activities on their accounts.

NCERT’s alert follows international cybersecurity reports and was accompanied by a recommendation for users to consult further details in global coverage, including a detailed analysis published by ZDNet. 

The breach, with its vast global implications, is a stark reminder of the growing threats in the digital age and the critical importance of proactive cybersecurity practices, especially for users and institutions in Pakistan.