In a brazen cyber onslaught, pro-Iranian hacktivist group Cyber Fattah has published what appears to be thousands of personal records linked to athletes, officials, and visitors of the Saudi Games 2024, raising new alarms over the weaponization of data in geopolitical conflicts.
The breach was announced on Telegram on June 22, 2025, and includes SQL database dumps allegedly exfiltrated from the Saudi Games’ backend system via phpMyAdmin, according to a report from cybersecurity firm Resecurity.
📂 What Was Leaked?
The data—now circulating on DarkForums—was uploaded by a burner profile, “ZeroDayX,” and contains:
-
Athlete and visitor details
-
Government and IT staff email credentials
-
Scanned passports, ID cards, and bank statements
-
Medical records, sensitive forms, and internal documentation
“This wasn’t just a breach. It’s an information war tactic,” said Resecurity. “Cyber Fattah aims to exploit high-profile cultural and sporting events for propaganda and disruption.”
🕵️♂️ Who’s Behind It?
Cyber Fattah is a pro-Iranian cyber team known for targeting Israeli, Western, and Gulf State digital assets. The group is part of a rising trend where cyberattacks substitute conventional warfare, weaponizing data to shake public confidence and sow political instability.
Analysts say this operation reflects a shift in focus. “While Israel has long been Cyber Fattah’s primary target, this attack suggests a broader anti-Saudi and anti-U.S. agenda emerging,” Resecurity noted.
🌐 Cyber Warfare on the Rise
The hack comes amid escalating digital warfare between Iran and Israel. In parallel developments:
-
Pro-Israeli group Predatory Sparrow recently hacked Iran’s Ministry of Communications, leaking internal data and burning $90 million in crypto.
-
Pro-Palestine groups like Handala have been leaking data from Israeli firms since June 14, 2025.
-
“Cyber unions”—loose affiliations of hacktivist cells—have emerged, sharing tools and tactics across ideological boundaries, amplifying their impact.
One such group, DieNet, reportedly contains Russian-speaking members and has been flagged for bridging Eastern European cybercrime and Middle Eastern hacktivism.
🔍 Why This Matters
This incident isn’t just about data—it’s about influence. These state-aligned or ideologically driven groups are now operating with alarming coordination, turning sports, finance, and social events into digital battlegrounds.
Trustwave SpiderLabs warns that these cyber campaigns are no longer just about espionage—they’re about shaping narratives, crippling infrastructure, and undermining trust in national institutions.
🔐 Final Thoughts: What You Can Do
Cyber events like this are a stark reminder:
No organization is off-limits. No data is too trivial.
✅ If you’re involved in events, sports, or infrastructure—review your backend security and update access controls.
✅ Be wary of phishing attempts, insider threats, and unsecured platforms like phpMyAdmin.
✅ Monitor the Dark Web for leaked credentials.
📢 Stay vigilant. Stay informed. And always assume your data is a target.
🔔 Follow us for breaking cyber alerts, threat intelligence, and real-world security tips.
0 comments