A major cybersecurity scare is unfolding in Sri Lanka, as reports emerge that hackers have compromised the database of the Department of Pensions and are now selling the stolen data on the dark web.
According to online sources and viral posts across social media platforms, over 600 gigabytes of highly sensitive data has allegedly been extracted and listed for sale. While exact details remain unclear, the compromised files are suspected to contain personal and banking information of thousands of pensioners across the island.
What makes the breach even more alarming is the lack of an official response from the authorities. As of now, the government has not issued a formal statement confirming or denying the incident, fueling widespread speculation and anxiety among pension recipients and cybersecurity professionals alike.
Sources close to the matter fear that the data may include national identity numbers, addresses, contact information, bank account numbers, and transaction history of pensioners information that could be exploited for identity theft, financial fraud, or even phishing scams.
The breach has triggered urgent calls from the public for the Ministry of Public Administration and the Department of Pensions to address the situation transparently and outline the steps being taken to safeguard national data systems.
Cybersecurity analysts warn that if verified, this breach could be one of the largest data leaks in Sri Lanka’s public sector history. The incident also highlights the critical need for modernized digital infrastructure and stronger defense mechanisms against cyber threats, especially in government institutions handling sensitive citizen information.
As the story develops, experts urge pensioners to remain vigilant, monitor their bank accounts for unusual activity, and avoid responding to unsolicited messages or calls requesting personal details.
