Cyber Incident Victim: Supreme Court of Pakistan
Date:
Mar 2023
Location:
Pakistan
Summary
The Supreme Court of Pakistan's official website was taken over by attackers of unknown origin who posted a message saying “our spring sale has started.” Social media quickly filled with screenshots of the altered site. Government IT specialists restored the website after a short disruption. Shortly after recovery, a COVID‑19‑related advisory was posted urging only essential visitors to come to the court. It remains unclear whether any data was stolen or how long the site was inaccessible.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Tuesday morning, the official website of the Supreme Court of Pakistan was taken over by attackers of unknown origin. The intruders replaced the normal content with a message that read “our spring sale has started”. Within minutes, users began sharing screenshots of the altered page on various social media platforms, causing the hacked site to circulate widely online. The defacement occurred during regular business hours and was noticed quickly by visitors and government staff.

Government IT specialists responded promptly and managed to restore the website after a short period of downtime. Once the site was back online, a COVID‑19‑related advisory was posted, instructing that only concerned individuals should visit the court despite the low number of active cases in Islamabad at that time. It remains unclear whether any data was exfiltrated from the Supreme Court server or exactly how long the disruption lasted before restoration. The attack added to a series of recent cyber incidents affecting Pakistani online services.
Earlier in March 2023, the online retailer Naheed experienced a breach in which hackers claimed to have stolen up to 23,000 user records and 108 order details containing personal and payment information. Naheed later confirmed that the breach stemmed from a compromised developer laptop via a phishing attack, exposing non‑critical test data on a staging server. While the Naheed incident is separate, it illustrates the broader threat environment in which the Supreme Court website attack occurred. The Supreme Court defacement did not result in any publicly confirmed data loss, but the episode highlighted the vulnerability of government web assets to rapid takeover and the need for swift incident response.
