Pak SIM Data & SIM Database in Pakistan: What Really Exists

Check Your Own SIM Registration Details (Official PTA Methods, 2026)

Use this page to learn how to check which SIMs are registered against your own CNIC through Pakistan's official PTA channels — the SMS shortcode 668 and the cnic.sims.pk portal. These are the only lawful, self-service ways to audit your SIM record. There is no legal way to look up another person's SIM, CNIC, or identity.

To verify a SIM registered to your own CNIC, send your 13-digit CNIC (no dashes) by SMS to 668, or use the official portal at cnic.sims.pk. PTA replies with the SIMs registered against your CNIC across all networks. This works only for your own record — no service can lawfully return another person's details.
Send your own 13-digit CNIC (digits only, no dashes) by SMS to 668, or enter it at the official cnic.sims.pk portal and complete the verification step. You will receive the number of SIMs registered to your CNIC per operator. If you spot a SIM you did not register, contact your operator and file a complaint with PTA.
Join our WhatsApp Channel
Latest updates, tips and free tools
Join
Subscribe on YouTube
Tutorials and SIM verification tips
Subscribe

Pak SIM Data & "SIM Database" in Pakistan: What Really Exists (And What's a Scam)

If you searched for “pak sim data,” “sim database,” “database sim,” or “fresh sim database,” you are probably looking for one of two things: a way to check which SIM cards are registered against your own CNIC, or a bulk “database” that supposedly lets you look up anyone’s SIM, location, or call records. Only the first thing is real, legal, and available. The second thing — a downloadable or subscription “Pak SIM database” that exposes other people’s registration data — does not exist as a legitimate public product, and any site, app, or Telegram bot claiming to sell you one is operating outside the law.

This page exists to give you the complete, honest picture: what “Pak SIM data” actually refers to, who legitimately holds it, why no public bulk database is ever going to be legal, what the real backend system (PTA’s SVMS) looks like architecturally, what happens legally to people who buy or sell this kind of data, and — most usefully — exactly how to check your own SIM registration through the two official channels that have existed for years: the PTA SMS shortcode 668 and the cnic.sims.pk portal.

What Does "Pak SIM Data" Actually Mean?

“Pak SIM data” is not a product, a website, or a downloadable file. It is a general phrase people use to describe the registration record that ties a mobile SIM card to the identity of the person who bought it — in Pakistan, that identity is your CNIC (Computerized National Identity Card) number.

Since biometric SIM re-verification became mandatory across the industry, every SIM card issued by Jazz, Zong, Telenor, Ufone, ONIC or SCO has been linked to exactly one CNIC through a fingerprint match performed at the point of sale. That linkage — CNIC number, the SIMs registered under it, which operator each SIM belongs to, and the registration date — is what people mean when they say “SIM data” or “SIM database.”

This data is real. It is maintained. But it is not maintained as a public, searchable resource. It is maintained as a regulatory and security control, split between:

  • The mobile operators, who hold the subscriber account and billing relationship for each SIM they issue.
  • NADRA, which owns and verifies the underlying CNIC and biometric identity record.
  • PTA, which operates the centralized cross-operator registry — the Subscriber Verification Management System (SVMS) — that lets the count of SIMs against a single CNIC be checked and capped across all six operators at once.

None of these three parties makes bulk subscriber data publicly searchable, downloadable, or purchasable — not to individuals, not to businesses, and not through any third-party API. We explain exactly why, and exactly what the real system looks like, in the sections below. For a deeper walkthrough of that regulatory backend specifically, see our dedicated breakdown of the PTA SIM Verification System (SVMS) — the actual system PTA uses to hold this data.

Is There a Public "SIM Database Pakistan" You Can Search or Download?

No. There is no legitimate website, app, Telegram bot, API, or file that lets you search, browse, or download a bulk “Pak SIM database” — not one covering all subscribers, not one covering a single mobile operator’s customer base, and not one that lets you type in any phone number and pull up the owner’s CNIC, address, or call history.

This is true for a simple structural reason: the data in question is defined as sensitive personal data under Pakistani law, and the CNIC-to-SIM linkage sits inside systems that are, by design, accessible only to the record’s own owner (via self-check) or to authorized law-enforcement and regulatory processes (via a legal request to the operator, PTA, or NADRA — not via a public tool). There is no version of “public bulk SIM database” that PTA, NADRA, or a licensed operator could legally expose without violating:

  • The Prevention of Electronic Crimes Act (PECA) 2016, which criminalizes unauthorized access to, copying of, or disclosure of another person’s data (detailed in the legal section below).
  • Operator licensing conditions and PTA regulations governing subscriber data confidentiality.
  • NADRA’s own data-protection mandate over the CNIC and biometric record that underlies every SIM registration.

So when you see a website with a name like “Sim Database Online,” “All Sim Database,” or “Fresh Sim Database 2026” that implies you can look up any number, one of three things is happening:

  1. It is a self-check tool in disguise — it will only ever return results for the CNIC or number you own and can verify, dressed up with database-sounding branding to capture high-volume search traffic.
  2. It is a scraped-together directory of stale or unrelated data presented as though it were live SIM records, often padded with ads, redirect chains, or fake “loading” screens.
  3. It is a phishing operation — it asks for your CNIC, your own phone number, an OTP, or a “verification fee,” and what it actually collects is your data, not the data of the person you searched for.

None of these are a real “SIM database.” If you want to verify your own SIM registration, the only channels that will genuinely work are the two official ones: SMS your CNIC to 668, or use the cnic.sims.pk portal. Our guide to checking your SIM count directly against your CNIC walks through both in detail.

Why So Many Sites and Telegram Bots Claim to Sell "Fresh SIM Database" Access

If no legitimate SIM database exists, why does the search demand for “sim database,” “fresh sim database,” and “pak sim data” run into the tens of thousands of monthly searches? Because a persistent underground market has built itself around exactly this confusion, and it profits either way — whether you’re looking to check your own data or trying to look up someone else’s.

The pattern generally works like this:

  • A Telegram channel or bot advertises “Pak SIM Database — search any number, get CNIC, address, call logs.” It positions itself as an insider tool.
  • A near-identical wave of websites ranks for the same keywords, using titles like “Sim Database Online Pakistan” or “Database Sim With CNIC,” deliberately blurring the line between “check your own SIM count” (legal) and “look up anyone’s private data” (illegal).
  • Some of these operations are pure phishing: the “search” box collects the visitor’s own CNIC/number and does nothing else, or redirects through ad networks and fake CAPTCHA pages.
  • Others are worse: they repackage and resell fragments of real data that leaked from breaches elsewhere — not from a hack of PTA, NADRA, or an operator’s core systems, but from malware-compromised devices, poorly secured third-party services, or earlier breaches unrelated to telecom infrastructure — and market the resulting patchwork as a “fresh” or “updated” SIM database.

There is a real, documented example of this dynamic. In 2024–2025, reporting from multiple outlets — including The Cyber Express and Dawn.com — covered the discovery of Pakistani mobile subscriber data (location details, call records, travel information) being offered for sale online, with pricing reportedly as granular as a few hundred rupees per lookup. Investigators linked the exposed data to malware-based credential theft rather than a breach of the licensed telecom sector’s own systems, and PTA publicly stated it had found no breach within its regulated networks. That distinction matters: the underlying leak did not come from a hacked “PTA SIM database” — because no such centrally exposed database exists to hack in the way sellers imply. What actually happened is that scattered, illegally obtained fragments of personal data got compiled, rebranded, and marketed using exactly the same “SIM database” language this page is about — which is precisely why that phrase now dominates search demand in Pakistan, and precisely why treating it as a legitimate product is a mistake.

Buying access to any of this — even out of curiosity, even a “one-time search” — puts you on the wrong side of PECA 2016, discussed in full below.

Legitimate SIM Check vs. Scam "SIM Database" Site — Side-by-Side Comparison

Use this table to evaluate any site or bot claiming to offer SIM or CNIC data before you interact with it.

SignalA Legitimate SIM Check (668 / cnic.sims.pk / PTA)A Scam “SIM Database” Site or Bot
What it checksOnly the CNIC or number you provide, returning your own registered SIM countClaims it can look up *any* number or *any* person’s data
Who it belongs toOperated directly by PTA, a government regulatorUnbranded or vaguely branded domain, Telegram bot, or “database” page with no verifiable owner
What it asks forYour own CNIC number (SMS) or basic identifying info on the official portalOften asks for the *target’s* number, your CNIC “to unlock results,” a wallet top-up, or an OTP
CostFree (standard SMS charges may apply)Frequently demands payment, a subscription, or a “verification fee”
Data returnedSIM count, operator names, registration status against your own identityPromises CNIC photos, addresses, call logs, location history — the kind of data no legal system exposes
URL/branding patterncnic.sims.pk (PTA-operated) or the 668 shortcodeLook-alike domains, copycat logos mimicking PTA’s branding, “2026,” “fresh,” “updated,” “all-in-one” marketing language
Legal footingFully compliant — checking your *own* data is your rightViolates PECA 2016 regardless of whether it works, because it involves unauthorized access to or disclosure of another person’s data
What happens after you use itYou get your own SIM list, nothing else occursYour CNIC/number is often harvested for later phishing, SIM-swap attempts, or resale

What About Sites Like "Pakdata.ml" or Other "Pak Database" Tools?

Search demand around “pakdata,” “pakdata.ml,” and similar naming patterns points to a recurring category of third-party domains that market themselves as “Pak Database” or “CNIC/SIM lookup” tools. These sites and their many clones are not affiliated with PTA, NADRA, or any licensed mobile operator — no official Pakistani telecom or identity authority operates a public tool under this kind of branding.

Independent reporting on this category of site is consistent: they are frequently flagged as unofficial, low-trust, or outright phishing fronts, with several documented cases of near-identical interfaces designed to visually mimic PTA’s official look and feel purely to appear credible. We are not going to link to, name-check favorably, or walk through how to use any domain in this category, because doing so would legitimize exactly the kind of tool this page exists to warn against. If you land on a site like this while searching for “pak sim data” or “sim database,” treat the domain name itself as a red flag rather than a feature, and use the comparison table above to check it against the real official channels.

The only sites this page — or any page on cnicsimcheck.com — will point you to for an actual check are the PTA-operated SMS shortcode 668 and the PTA-operated portal cnic.sims.pk.

The Real "SIM Database" — How PTA's SVMS Actually Works

For readers with a genuine technical or policy interest in what the *real* backend “SIM database” looks like — as opposed to the fictional public one sold by scam sites — here is how the legitimate system is actually architected.

The real registry is called the Subscriber Verification Management System (SVMS), and it is not a single website or app you can browse. It is a regulatory backend that all six licensed mobile operators — Jazz, Zong, Telenor, Ufone, ONIC and SCO — are connected to, jointly overseen with NADRA. Here is the actual sequence of what happens when a SIM is registered, step by step:

  1. Point of sale, biometric capture. A retailer scans the buyer’s CNIC and captures a live fingerprint on a NADRA-authorized biometric verification device.
  2. Real-time match against NADRA. That device contacts NADRA’s Mobile Biometric Verification System (MBVS) in real time, comparing the live fingerprint against the one on file for that CNIC.
  3. Operator-specific status codes. NADRA returns a status code confirming or rejecting the match. Each operator implements its own success-code convention on top of the shared protocol — for example, Jazz’s system logs a distinct success code (commonly cited as 6001), Telenor uses a different one (commonly cited as 7751), and Zong uses another (commonly cited as 7911). These are internal integration details, not public reference numbers.
  4. SIM activation and SVMS logging. Only once the biometric match succeeds does the operator activate the SIM — and at that moment, the CNIC-SIM binding is logged into PTA’s SVMS, the shared cross-operator ledger.
  5. Cross-operator count update. Because SVMS is shared infrastructure rather than an operator-specific database, the CNIC holder’s *total* SIM count updates instantly across every operator’s records — which is exactly why sending your CNIC to 668 returns SIMs from all networks, not just one.
  6. DIRBS enforcement layer. PTA’s Device Identification, Registration and Blocking System (DIRBS) continuously monitors SVMS. If a CNIC’s registered SIM count exceeds PTA’s limits (detailed below), DIRBS triggers an automatic suspension rather than waiting for manual review.

This is a genuinely centralized system — which is precisely the point critics of “SIM database” scam sites raise: if a real, working, centralized registry already exists and is tightly access-controlled by design, there is no gap in the market for a “public” version. The only interface PTA exposes to the public is a single-record self-check (668 or the web portal) — never a bulk query interface — because SVMS was never designed to be queried at scale by anyone outside the regulator and the operators themselves. For the fullest breakdown of this system, including how verification failures are handled and what triggers re-verification campaigns, read our dedicated page on the PTA SIM Verification System (SVMS).

Legal Consequences: PECA 2016 Penalties for Buying or Selling SIM Data

Every part of the “SIM database” trade — building the tool, marketing it, and using it — sits inside the scope of the Prevention of Electronic Crimes Act (PECA) 2016, Pakistan’s primary cybercrime statute. The relevant provisions apply to sellers and buyers alike; “I only wanted to check one number” is not a defence if the number wasn’t your own and you weren’t authorized to access it.

PECA 2016 ProvisionWhat It CoversPenalty
Section 3 — Unauthorized access to an information system or dataIntentionally accessing a system, account, or dataset (including a SIM/CNIC record) without authorizationUp to 3 months imprisonment, and/or a fine up to PKR 50,000
Section 4 — Unauthorized copying or transmission of dataCopying, duplicating, or forwarding someone else’s data without consent — this covers “sharing” a leaked SIM record, not just obtaining itUp to 6 months imprisonment, and/or a fine up to PKR 100,000
Section 16 — Unauthorized use of identity informationObtaining, selling, transmitting, or using another person’s identity information (CNIC-linked data falls squarely here) without consentUp to 3 years imprisonment, and/or a fine up to PKR 5,000,000

These are not abstract or rarely-enforced provisions — they are the specific legal basis regulators and investigators cite when SIM/CNIC data trading rings and phishing operations are pursued in Pakistan. Selling a “Pak SIM database” service is not a legal grey area: it is, at minimum, a Section 16 offence for the operator running it, and buying access as a customer can expose the buyer to Section 3 or Section 4 liability for the unauthorized access and onward handling of that data. There is no version of “just checking someone else’s number out of curiosity” that PECA carves out as harmless.

A Real Example: The Pakistan Mobile Subscriber Data Leak

To understand why “sim database” search demand exploded rather than fabricate a hypothetical, it helps to look at what actually happened. Reporting from The Cyber Express and Dawn.com documented a case in which mobile subscriber data — location records, call detail records, and travel information tied to individuals, including some government officials — was found being sold online, with prices reported in the low hundreds to low thousands of rupees depending on the data category requested. Investigators attributed the source to information-stealing malware compromising individual devices and third-party systems, not a breach of PTA’s, NADRA’s, or a licensed operator’s core infrastructure. Pakistan’s interior ministry formed an inquiry body in response, and PTA issued a public statement denying any breach within the licensed telecom sector itself.

The practical lesson: incidents like this are what gets rebranded and resold under “SIM database” or “fresh sim data” marketing — a patchwork of illegally obtained fragments, not a leak of the actual PTA/SVMS system, and not a legitimate product regardless of how it’s marketed. Treat any “database” offer built on this kind of framing as, at best, stolen data being resold, and at worst, a phishing operation with no real data behind it at all.

How to Legitimately Check Your Own SIM Data

The only checks worth trusting are the ones PTA operates directly, and both are free of charge beyond standard SMS rates.

Method 1 — SMS shortcode 668. Open your messaging app and send your 13-digit CNIC number (no dashes) as a text message to 668. PTA’s system replies with the number of SIMs currently registered against that CNIC and the operators they belong to. This works from any active number on any network and requires no internet connection. For the full walkthrough, including what each part of the reply means, see checking your SIM owner details via the 668 SMS method.

Method 2 — The cnic.sims.pk portal. If you prefer a web interface, PTA’s official portal at cnic.sims.pk performs the same CNIC-based check online. You enter your CNIC number, complete the verification step shown on the page, and receive the same registered-SIM breakdown. Our detailed guide to using the online SIM check portal covers each screen of that process.

Both methods return results only for the CNIC you submit — by design, there is no field, parameter, or workaround that returns another person’s data, because the system checks that the requesting device/session corresponds to a legitimate self-check flow. If you need a broader explanation of how your total SIM count is calculated across operators, our guide to checking your CNIC’s full SIM count covers that in depth.

How Many SIMs Can Legally Sit Against One CNIC?

Under PTA’s policy — confirmed through PTA’s own submissions in litigation before the Supreme Court of Pakistan — each CNIC is permitted a maximum of 5 voice SIMs and 3 data-only SIMs, for a combined ceiling of 8 registrations. This cap exists specifically to limit the misuse of unused or “extra” SIMs for fraud, spam, and unauthorized reselling — the same underlying problem that fuels demand for illegitimate “SIM database” lookups in the first place, since fraud investigators and everyday users alike want to know whether unknown SIMs are sitting against their identity.

If a CNIC’s registered count exceeds either threshold, PTA’s DIRBS system automatically suspends *all* SIMs registered under that CNIC — including the one you actually use day to day — until the excess lines are formally disowned through the relevant operator’s franchise or customer service channel. This is exactly why periodically checking your own SIM count via 668 or cnic.sims.pk matters: catching an unauthorized SIM early avoids a blanket suspension affecting your primary number later.

What If You Only Have a Phone Number, Not a CNIC?

A large share of “sim database” search traffic actually comes from people who have a phone number — a missed call, a suspicious message, an unknown contact — and want to identify who it belongs to, rather than checking their own CNIC. This is a meaningfully different request, and it’s worth being direct about it: there is no legitimate PTA, NADRA, or operator tool that lets a member of the public enter someone else’s phone number and retrieve that person’s CNIC, name, or address. Any site or bot claiming to do exactly that is operating in the same unauthorized-access territory covered by PECA Sections 3, 4 and 16 above.

If you’re trying to understand a phone number for a legitimate reason — identifying a business helpline, checking a number’s operator and general region, or spotting spam patterns — our page on general phone number information lookups explains what can be legitimately determined from a number alone. For a fuller discussion of exactly where the legal line sits — and why lookup-by-number sites promising an owner’s identity are not legitimate — see the legal boundaries of checking SIM owner details by phone number.

“Pak SIM data” describes real information — the link between your CNIC and your registered SIMs — but it is not organized as a publicly searchable database. It lives inside PTA’s SVMS, NADRA’s identity records, and individual operator systems, all of which are access-controlled. The only public interface is a self-check of your own CNIC via 668 or cnic.sims.pk.

No. Any site charging a fee for “database access,” “unlocking results,” or a “premium search” is not a legitimate PTA, NADRA, or operator product. Legitimate self-checks are free.

Pakdata.ml and similarly named “Pak Database” domains are third-party sites unaffiliated with PTA, NADRA, or any licensed mobile operator. This naming pattern has been associated with unofficial or scam-style lookup tools in independent reporting. We do not link to or endorse any site in this category.

Simply visiting a page is not itself the offence, but submitting a search for someone else’s number, entering your own CNIC into an unverified third-party form, or attempting to retrieve another person’s data crosses into unauthorized-access territory under PECA 2016 Section 3, and paying for that access adds exposure under Sections 4 and 16.

Because a persistent scam and phishing ecosystem — including Telegram bots and copycat websites — actively markets itself using exactly this language, and because a real 2024–2025 leak of subscriber data (sourced from malware, not from PTA/NADRA/operator systems) got rebranded and resold under the same “database” framing, reinforcing the belief that a working product exists.

Send your 13-digit CNIC number via SMS to 668, or use the official portal at cnic.sims.pk. Both return the same information: your total registered SIM count and which operators they’re with. See our step-by-step 668 SMS guide and online portal guide.

SVMS is a genuine, centralized cross-operator registry run jointly by PTA and NADRA, but it was built for regulatory enforcement (like PTA’s DIRBS auto-blocking of over-limit CNICs), not public browsing. Scam sites borrow the word “database” to sound like they offer the same thing to the public, when no such public-facing version exists or is legal to build. Read the full SVMS architecture breakdown for the real technical picture.

PTA allows a maximum of 5 voice SIMs and 3 data SIMs per CNIC. Going over either limit triggers an automatic suspension of every SIM tied to that CNIC via PTA’s DIRBS system, until the excess lines are disowned through the operator. ## Key Takeaways “Pak SIM data” is a real concept — the record linking your CNIC to your registered SIMs — but “SIM database,” “fresh sim database,” and similar phrases describing a public, searchable, or purchasable bulk product describe something that does not legitimately exist. The genuine backend, PTA’s SVMS, is a tightly access-controlled regulatory system built with NADRA and the six licensed operators, and its only public-facing feature is a single-record self-check. Sites and Telegram bots claiming otherwise are, at best, self-check tools dressed up with misleading branding, and at worst, phishing operations or resellers of illegally obtained, malware-sourced data — activity that exposes both operators and buyers to real penalties under PECA 2016 Sections 3, 4, and 16. If you want to know what SIMs are registered against your own identity, the only two channels worth using are PTA’s 668 SMS shortcode and the cnic.sims.pk portal. For the complete picture of how the underlying verification ecosystem works, start from our home page and explore the linked guides throughout this site. —