Pakistan’s cybersecurity space came under scrutiny after claims surfaced online about a major breach of the National Emergency Operations Centre, a platform operated under the National Disaster Management Authority.
The alleged breach was attributed to a threat actor using the alias “h4xorvats,” who claimed to have accessed thousands of files, including source code and sensitive user data such as CNIC details, bank records, medical histories, and personal information.
However, NDMA officials have firmly denied the claims, calling them false and misleading. A senior official stated that no cyber incident or suspicious activity has been detected within the NDMA or NEOC systems.
Authorities also clarified that NEOC’s mandate is limited to monitoring natural hazards and disaster response. The platform relies on climate sensors, satellite data, and analytical tools to provide early warnings, and does not collect or store personal, medical, or financial data.
Officials emphasized that all NEOC-related data is either operational or publicly available and does not include confidential personal information. As such, they dismissed the alleged breach as fabricated.
The claims had raised concerns because, if true, such a breach could have exposed sensitive data and created risks including identity theft, financial fraud, and targeted phishing attacks.
For now, authorities maintain that there has been no compromise of systems, and that the circulating reports are not based on factual information.
