Massive Cyberattacks Expose Millions in Iran: Suspicions of State Involvement Arise

 By Charles Joseph | Cybersecurity Researcher
 Published on January 2nd, 2024

In a recent series of events, Iran’s leading insurance and food ordering companies have fallen victim to massive cyberattacks, resulting in the exposure of a significant portion of the country’s 88 million population. These cybercrimes have raised concerns about the possibility of state-sponsored involvement, as the sophistication and scale of the attacks are hard to ignore.

Israeli cybersecurity firm Hudson Rock was the first to report on these cyberattacks, shedding light on the disturbing breach of sensitive data that has affected millions of individuals in Iran. The attacker, operating under the pseudonym “irleaks,” began their assault by posting a thread on a cybercrime marketplace on December 20th, 2023. In this initial post, they claimed to possess over 160 million records of Iranian data stolen from 23 of the country’s leading insurance firms.

The stolen data included a plethora of personal information, such as first names, last names, birthdates, father’s names, phone numbers, mobile numbers, national codes, and even passport numbers. Hudson Rock researchers verified the authenticity of this data and emphasized the extreme difficulty of orchestrating such a wide-scale attack against numerous insurance companies.

However, “irleaks” didn’t stop there. On December 30th, “irleaks” made a second post, boasting about hacking Iran’s largest online food ordering company, SnappFood. This attack exposed a staggering 3 terabytes (TB) of sensitive data, sending shockwaves throughout the industry.

SnappFood responded promptly to the breach by issuing a statement confirming the attack and announcing an ongoing investigation into the matter. Hudson Rock researchers delved deeper into the incident and found that a SnappFood employee’s computer had been infected with the StealC infostealer. This compromise potentially allowed the cybercriminals to access sensitive credentials within the organization and may have served as an initial attack vector against the company.

The scale and sophistication of these cyberattacks have raised serious questions about their origin. Hudson Rock researchers have openly pondered whether these attacks could be state-sponsored, given the level of expertise and the broad scope of the targets. The report by the cybersecurity firm has been fittingly titled “Mysterious Hacker Strikes Iran,” capturing the intrigue surrounding these cybercrimes.

As investigations continue, both within Iran and on an international scale, the victims of these attacks are left grappling with the consequences of their sensitive information being exposed.

"Amateurs hack systems, professionals hack people."
-- Bruce Schneier, a renowned computer security professional