Pakistan hit by 5 million cyberattacks in 2025 as digital growth outpaces security
Synopsis
Pakistan absorbed more than 5 million cyberattacks in just nine months of 2025 — and the numbers reveal a country racing to digitise without the security guardrails to match. With 90% of retail transactions now digital, a 35% rise in cybercrime, and personal data appearing on dark-web marketplaces, the gap between Pakistan's digital ambition and its cyber readiness has never been more visible.
Key Takeaways
Pakistan recorded over 5 million cyberattacks in the first three quarters of 2025 , according to a Maldives Insight report.
More than 166,000 banking malware attacks and over 126,000 spyware incidents were detected during the period.
Cybercrime rose 35 per cent in 2025 , with more than 73,000 complaints filed nationwide.
Official figures show cybersecurity incidents climbed to over 500 in 2025 , up from 410 in 2024 .
Around 90 per cent of retail transactions in Pakistan were conducted digitally during FY25 , exposing a large and underprepared user base.
Sensitive personal data reportedly appeared on illicit online marketplaces, raising questions about data governance and oversight.
Pakistan recorded more than 5 million cyberattacks in the first three quarters of 2025, as the country's rapidly expanding digital economy left users and institutions dangerously exposed, according to a report by Maldives Insight. The surge coincides with a period of accelerated adoption of online banking, mobile payments and e-commerce — growth that has outpaced cybersecurity awareness at nearly every level.
Scale of the Threat
The Maldives Insight report documented more than 166,000 banking malware attacks and over 126,000 spyware incidents during the same period. Official figures cited in the report show Pakistan recorded over 500 cybersecurity incidents in 2025, up from 410 incidents in 2024 — a year-on-year rise that tracks a broader 35 per cent increase in cybercrime. More than 73,000 complaints were reportedly filed nationwide during the year, driven largely by WhatsApp hacking, online fraud and financial scams.
Digital Expansion Driving Vulnerability
Around 90 per cent of retail transactions in Pakistan were conducted through digital channels during FY25, while mobile banking and e-wallet usage expanded sharply. The country's Raast instant payment system processed hundreds of millions of transactions, reflecting a decisive shift toward a cash-light economy. Smartphones have increasingly become all-in-one banking platforms, payment tools and personal data repositories — making them high-value targets for cybercriminals.
Yet the report found that many users remain unfamiliar with basic online safety practices, including strong password management, multi-factor authentication and phishing detection. Weak passwords and poor data protection habits have created significant vulnerabilities across both individual users and institutions.
How Attackers Are Exploiting the Gap
Cybercriminals are increasingly exploiting human behaviour rather than relying solely on technical exploits, the report noted. Fake calls, fraudulent websites and malicious links have become primary attack vectors. Government departments, businesses, educational institutions and telecommunications providers have all been targeted alongside individual consumers.
Data Privacy Under Scrutiny
Concerns over data privacy have intensified amid reports that sensitive personal information and identity-related data have surfaced on illicit online marketplaces. Authorities reportedly disputed some claims regarding the origin of the leaked data, but the incidents have raised broader questions about data governance frameworks and security oversight in the country.
What Comes Next
The report's findings underscore a structural challenge: Pakistan's digital infrastructure is expanding faster than the regulatory and awareness ecosystem that should protect it. Without a concerted push on cybersecurity literacy, stronger institutional defences and clearer data governance rules, analysts warn the attack surface will only widen as digital adoption deepens.
Point of View
But the Maldives Insight report makes clear that user education and institutional defences have not kept pace. A 35% year-on-year rise in cybercrime, combined with data appearing on dark-web markets, suggests systemic weaknesses that individual app-level fixes cannot resolve. The harder question — whether Pakistan's regulators will enforce data protection standards with the same urgency they have promoted digital adoption — remains unanswered.
NationPress
22 Jun 2026
Frequently Asked Questions
How many cyberattacks did Pakistan face in 2025?
Pakistan recorded more than 5 million cyberattacks during the first three quarters of 2025, according to a Maldives Insight report. Official figures also show over 500 cybersecurity incidents were logged that year, up from 410 in 2024.
What types of cyberattacks were most common in Pakistan?
Banking malware and spyware were among the most prevalent, with over 166,000 banking malware attacks and more than 126,000 spyware incidents detected. Cybercriminals also widely used fake calls, fraudulent websites and malicious links to exploit users.
Why is Pakistan particularly vulnerable to cyberattacks?
Rapid digital expansion — with 90% of retail transactions going digital in FY25 — has outpaced cybersecurity awareness. Many users lack knowledge of basic protections such as strong passwords, multi-factor authentication and phishing detection, creating easy targets for attackers.
How much did cybercrime rise in Pakistan in 2025?
Cybercrime in Pakistan rose by 35 per cent in 2025, driven largely by WhatsApp hacking, online fraud and financial scams. More than 73,000 complaints were reportedly filed across the country during the year.
What data privacy concerns have emerged in Pakistan?
Sensitive personal information and identity-related data have reportedly appeared on illicit online marketplaces. Authorities disputed some claims about the source of the leaks, but the incidents have intensified concerns about data governance and security oversight in the country.
