Cyber Incident Victim: Government of Pakistan
Date:
Aug 2022
Location:
Pakistan
Summary
A significant security breach at the Prime Minister's Office in Islamabad resulted in the leak of sensitive audio recordings involving high-level government officials, including the prime minister and cabinet members. The recordings captured informal discussions on political, economic, and security matters, such as cross-border trade negotiations and parliamentary resignations. A hacker group allegedly associated with neighboring India claimed responsibility, offering approximately 8 GB of data—including 100 hours of conversations—for sale on the dark web for $345,000. While government officials initially downplayed the incident as evidence of no wrongdoing, internal sources and cybersecurity experts expressed grave concerns over systemic vulnerabilities in the office's digital infrastructure, attributing security lapses to inadequate protective measures and policy failures.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 3 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In late August 2022, a series of audio recordings depicting private conversations among senior Pakistani government officials—including Prime Minister Shehbaz Sharif, PML-N leader Maryam Nawaz, and multiple cabinet members—surfaced online. The leaks, initially shared on social media by opposition PTI leaders, contained discussions on sensitive topics such as the import of Indian machinery for a power project linked to Maryam Nawaz's family, deliberations over PTI lawmakers' resignations, and conversations about former army chief Pervez Musharraf. The recordings appeared to originate from informal exchanges within the Prime Minister's Office rather than intercepted phone calls. While Information Minister Marriyum Aurangzeb asserted the clips demonstrated "no wrongdoing," internal government sources described the breach as a serious national security incident. Prime Minister Shehbaz Sharif, who was abroad during the initial leaks, ordered an investigation upon his return. Former information minister Fawad Chaudhry of PTI claimed the leaks stemmed from a cyberattack resulting in 100 hours of conversations (approximately 8 GB of data) being offered for sale on the dark web for $345,000, with the hacker collective allegedly linked to previous operations benefiting India.
The incident exposed critical vulnerabilities in the PM Office's cybersecurity infrastructure, with responsibility attributed to the Intelligence Bureau (IB) by both PTI officials and a senior military ISPR representative. Unverified reports suggested the hackers possessed additional recordings involving former PM Imran Khan. Opposition figures, including Chaudhry and Shireen Mazari, demanded transparent investigations, while IT expert Shahzad Ahmed cited systemic failures in Pakistan's cyber defense policies as a contributing factor. The government's public response remained contradictory: Interior Minister Rana Sanaullah downplayed the severity, calling leaks "common," even as PM House sources acknowledged the gravity of the breach. The leaks intensified political tensions, with PTI leveraging them to criticize the government's competence, and raised operational concerns about the security of classified discussions affecting economic and security matters. No public findings from the government's investigation or details about containment measures were disclosed in the available reporting.