A threat actor has claimed to be selling Iran’s Hajj and Pilgrimage Organization’s database on a hacking forum. This database is claimed to have over 168 million records.
This database includes sensitive information such as full names, dates of birth, ID numbers, passport scans, financial information, and the source code for Hajj-related apps and services.
The Hajj and Pilgrimage Organization is an independent state body that works with Iran’s Ministry of Culture and Islamic Guidance. It organizes and monitors pilgrimage tours to Hajj, Umrah, and numerous locations in Iraq and Syria.
The data, supposedly collected between 1984 and 2024, is said to be 1.25 terabytes (TB) in size. The threat actor announced on the forum, “More than 168 million database records (during the years 1984 to 2024) are ready for sale.”
Claimed Hajj and Pilgrimage Organization Data includes
• Passport scans and photos of travelers
• Travel flight information
• Travel insurance details
• Security deposit documents
• Banking and payment information
• Information about pilgrimage brokers
• Accommodation status of travelers
• Details of government officials
• Allocated quotas for special groups like martyr families
• Information on NAJA forces, Basij forces, and clerics (Mullahs)
• Source code for Hajj apps and services
Implications of Hajj and Pilgrimage Organization Data Breach
If the claim of a Hajj and Pilgrimage Organization data breach is real, the implication of the same might be far-reaching, perhaps touching millions of people. The disclosure of such broad and sensitive information might result in identity theft, financial loss, and major privacy violations for millions of individuals.
Additionally, the exposure of the source code for Hajj-related apps and services could potentially compromise the security and functionality of these essential tools.
Despite the seriousness of the claimed Hajj and Pilgrimage Organization data breach, the official website appears to be operating normally as no signs of foul play were seen upon accessing the site.
The Cyber Express Team contacted the Hajj and Pilgrimage Organization to verify the allegations. However, no reaction has been received as of this time, making the threat actor’s assertions unconfirmed.
Amid the Israel-Iran conflict, the Middle East is experiencing another type of threats, like cyber warfare. Jordan finds itself at the center of this conflict, facing a series of claimed cyberattacks carried out by various hacktivist groups, out of which BlackMaskers Team emerged as a significant danger. The Team claimed responsibility for various cyberattacks on Jordan that targeted critical Jordanian entities from the stock exchange to private sector businesses.
These cyberattacks are purportedly in response to Jordan’s backing for Israel against Iran in the continuing conflict.
The Cyber Express team will continue to actively follow the situation. We will give updates if new information becomes available, such as official confirmations or rejections from the Hajj and Pilgrimage Organization or other relevant agencies.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
