A Police Network Under Attack From Two Sides
Security researchers have uncovered a long-running spying campaign against police agencies in Pakistan, revealing that two separate groups of hackers, one believed to be linked to China and another to India, broke into the same government systems over a period stretching from early 2024 into 2026. The main target was the Balochistan Police, a regional law enforcement agency whose servers manage sensitive records on citizens and criminal cases.
What makes this case unusual is not just that a police force was hacked. It is that two rival hacking groups, working independently and for different purposes, ended up inside the same network at overlapping times. Neither group appears to have been working together. Each was pursuing its own intelligence goals, using the compromised police infrastructure as a base for further activity.
What the Hackers Got Into
According to the researchers who studied the intrusion, the attackers gained access to servers that host web applications used to manage police and citizen data. This included systems tied to criminal records and other law enforcement databases. Once inside, the hackers did not simply steal information and leave. They used the compromised servers as a foothold, turning police infrastructure into a launching pad for additional attacks against other targets.
This kind of approach is common in state-linked espionage. Rather than hitting a target once and moving on, attackers try to keep quiet, long-term access to a system so they can watch it over time, pull new data as it becomes available, and pivot toward other networks connected to the same organization. In this case, that meant Pakistani law enforcement data sat exposed to outside access for an extended stretch of time, with the people whose personal and legal information passed through those systems having no way to know it was happening.
A Separate Case Points to a Different Kind of Threat
In an unrelated development, Dutch police say they now have strong evidence that hackers based in the Netherlands, rather than a foreign intelligence group, were behind a breach earlier this year at Odido, a major Dutch telecommunications provider. That investigation is a reminder that not every serious breach comes from an overseas spy agency. Sometimes the people behind an intrusion are much closer to home, and the motive may be financial or personal rather than tied to national interests.
Taken together, these two stories show how differently a data breach can play out depending on who is behind it and what they want. State-linked hackers going after a police network are usually after long-term intelligence value. Domestic hackers going after a telecom provider may be looking for customer data, account access, or ways to profit from what they find. Either way, ordinary people whose information sits inside these systems end up carrying the risk.
Why This Matters Beyond Pakistan
Most readers will never interact with the Balochistan Police or Odido directly, but the pattern behind these incidents applies almost everywhere. Government agencies, telecom companies, and other organizations that hold large amounts of personal data are constant targets, and breaches often go undetected for months or years before anyone notices. The people affected are rarely told right away, if they are told at all.
These cases also highlight how blurred the line has become between government-backed hacking and ordinary cybercrime. A server holding citizen records can be of interest to a foreign intelligence service and to a financially motivated criminal at the same time. Once a system is breached, the data inside it can end up serving very different purposes depending on who found the opening first.
What You Should Do
- Assume that any organization holding your personal data, including government agencies, could be breached without your immediate knowledge.
- Watch for notices from telecom providers, banks, or government services about data incidents, and act quickly if you receive one.
- Use unique passwords for accounts tied to government services, telecom providers, and other sensitive accounts, and turn on two factor authentication wherever it is offered.
- Be cautious with unexpected calls, texts, or emails claiming to be from police, telecom companies, or government offices, since stolen records can be used to make scams more convincing.
- Check your accounts periodically for unfamiliar activity, especially if you live in a region where a breach like this has been reported.