An alleged dataset linked to Sri Lanka’s Ministry of Public Administration, Provincial Councils and Local Government has been advertised for sale on an underground online forum, raising concerns over the potential exposure of administrative data.
The listing, dated 17 April 2026, claims to offer information associated with the ministry’s official portal, pubad.gov.lk, for approximately USD 200. The seller, operating under an anonymous handle, has promoted access via encrypted messaging platforms, including Telegram.
According to the post, the dataset purportedly includes personal and professional details such as full names, email addresses, telephone numbers and physical addresses of individuals linked to the ministry. However, the authenticity, scope and origin of the data remain unverified at the time of publication.
Listings of this nature are common on underground marketplaces, where threat actors frequently resell previously leaked or publicly scraped information while presenting it as newly obtained.
Even limited or outdated datasets can be exploited for phishing campaigns, impersonation attempts and wider social engineering operations targeting government officials and public sector networks.
As of 18 April, Sri Lankan authorities, including relevant government agencies and the Sri Lanka Computer Emergency Readiness Team (SLCERT), have not issued any official statement regarding the alleged breach. The Ministry of Public Administration has also not publicly responded to the claims.
The listing comes amid ongoing concerns over cybersecurity preparedness within Sri Lanka’s state institutions, particularly as government digital infrastructure continues to expand without uniform safeguards across departments. While SLCERT recently conducted a cyber awareness session for Members of Parliament, the emergence of such listings raises broader questions about the effectiveness of existing protections and the prioritisation of cybersecurity across the public sector.