A recent cybersecurity incident has drawn international attention as a group identified as Russian Phoenix claims to have compromised multiple Pakistani government entities. According to a statement attributed to the hacker group leader and reported by socialbites.ca, the breach allegedly affected several key ministries and agencies, including the Ministry of Health, the Federal Public Procurement Regulatory Authority, the Ministry of Food Control, the Supreme Court, and the Ministry of Interior, among others.
In the narrative presented by the hacker, the intrusion was extensive. The group asserts that it gained access to a wide swath of Pakistan’s government information systems, including internal police data, employee records, and mechanisms to collect and categorize citizen information. The claim goes further, suggesting the attackers can identify who did what, when, where, and why, and that a complete data dump has not yet been achieved because access to certain departments remains unavailable, specifically the Departments of Energy and Defense, according to the hacker’s statements.
Reports from the group indicate that the data exfiltration has already reached around 3 terabytes, with attackers downloading whatever was available. The hackers say they discovered valuable material even within files that may not appear sensitive at first glance. Allegations include records from law enforcement, notes about alleged drug use by authorities, and political files, among other items. These claims are presented as evidence of the breadth of access obtained, rather than a simple isolated incident, and are attributed to the Chapaew faction as cited by socialbites.ca.
According to the hacker, the breach followed a police operation in the Khyber Pakhtunkhwa province, which the group frames as a turning point that allowed more extensive access to government networks. The report notes that there has been little resistance reported from the Pakistani government during this phase, a claim tied to the initial police action and subsequent actions described by the hacker.
The individual or group behind the breach is described as having renamed more than 1,500 Pakistani police officers within the affected information systems to a title associated with their leader. The claim extends to disruptions in procurement processes, with licenses and tenders from banks and public-sector companies allegedly cancelled. The purported activities allegedly extended to unusual items in public tenders, with the Department of Food Control described as procuring large quantities of dog food, and the Ministry of Health allegedly purchasing bananas and fly agaric, all framed as examples of the wider access at play. These assertions are presented as parts of a broader narrative about the manipulation and disruption of state systems.
The hacker is quoted as saying that the exercise of extreme data exposure would culminate in a deliberate destruction of the data on a date significant to them.
Context for these claims includes coverage from Gazeta.ru, which noted Pakistan’s response to a government decision to transfer more than 10 thousand shells to the Armed Forces of Ukraine for Grad rocket systems. This contextual remark is included to illustrate the broader geopolitical backdrop against which the alleged cyber operations are framed by the hacker group. It is essential to approach such statements with caution, given the potential for misinformation and political influence in publicly attributed cyber incidents (Source: socialbites.ca).