The Punjab Forensic Science Agency (PFSA) — a key provincial entity that assists law enforcers in investigating heinous crimes — has recently come under a major cyberattack by international hackers, raising The Punjab Forensic Science Agency (PFSA) — a key provincial entity that assists law enforcers in investigating heinous crimes — has recently come under a major cyberattack by international hackers, raising serious questions about the security of one of Pakistan’s most sensitive data repositories.
The breach was detected on November 7, 2025, when a notorious hacker group known as ‘Beast’ added PFSA to its “leak site” on the dark web. Such leak sites are hidden web platforms where ransomware groups publicly list victims and showcase samples of stolen data to pressure organisations into paying ransoms.
According to Beast Group, they infiltrated PFSA’s servers and extracted nearly 900GB of sensitive data, including forensic reports, criminal investigation files, DNA testing records, firearm analysis documents and internal communications.
Two days later, on November 9, the group published a detailed announcement on its leak site along with PFSA’s logo and samples of the stolen files. The hackers claimed they had gained full control of PFSA systems and threatened to release all data unless a ransom is paid.
PFSA initially claimed the attack had been “thwarted” and that international hackers had been “blocked.” However, Beast Group’s posting suggests a significant data breach did take place. The agency has not yet issued an official statement regarding any ransom demand or the status of recovery efforts, but internal teams are carrying out a large-scale investigation.
A senior PFSA official, said the attack triggered immediate firewall alarms. “Our IT teams acted instantly. The system was shut down the moment the breach was detected,” he said.
He dismissed the hackers’ claim of stealing 900GB of data, saying, “This is not even one per cent of our total data. We store data in terabytes. We have manual records and multiple servers. PFSA is one of the best labs in the world with strong security. Our systems are back online, recovery is under way, and every bit of data is being checked. We have not suffered any loss.” questions about the security of one of Pakistan’s most sensitive data repositories.
The breach was detected on November 7, 2025, when a notorious hacker group known as ‘Beast’ added PFSA to its “leak site” on the dark web. Such leak sites are hidden web platforms where ransomware groups publicly list victims and showcase samples of stolen data to pressure organisations into paying ransoms.
According to Beast Group, they infiltrated PFSA’s servers and extracted nearly 900GB of sensitive data, including forensic reports, criminal investigation files, DNA testing records, firearm analysis documents and internal communications.
