Tech Desk 
Sep 20, 2025
In a startling development which has befallen Pakistan, personal data of over 350,000 Hajj applicants has been leaked on the Dark Web, confirmed the Senate Standing Committee on IT and Telecom on Friday.
The data was illicitly taken over in a massive cyber attack that victimised Pakistani citizens' personal data and put it on sale on the Dark Web, an online platform known for processing and facilitating various notorious and unethical activities.
Also entailing inappropriate content and its transactions, the Dark Web is inaccessible to ordinary internet users as its access requires tailor-made browsers. This shows that some of the most severe flaws encompass Pakistan’s digital security framework.
Senator Palwasha Khan questioned the committee officials about the delay in the implementation of the long-awaited Data Protection Bill, which has already received cabinet approval. She dubbed the inaction “ministerial negligence” in a meeting where State Minister for IT and Telecom Shaza Fatima Khawaja was absent.
The appearance of Hajj applicants' critical information on the Dark Web was also corroborated by the PTA chairman.
Lawmakers warned of the dire consequences of such data leaks, referencing incidents in Iran where stolen information was exploited during conflicts. Another lawmaker underscored the importance of information security for national defence.
Concerns were also raised about the capacity of the newly established National Cyber Crime Investigation Agency (NCCIA) to manage such breaches.
The exposure of Hajj applicants' personal records has intensified calls for the government to expedite cybersecurity legislation, as repeated breaches are a threat to both citizens and Pakistan’s digital sovereignty.
