Today's cybersecurity headlines are brought to you by ThreatPerspective

Pro-Iranian Hacktivist Group Leaks Personal Records from 2024 Saudi Games, Exposes Tensions between Iran and Israel

Pro-Iranian hacktivist group Cyber Fattah has leaked thousands of personal records from the 2024 Saudi Games, revealing tensions between Iran and Israel. The breach highlights the growing importance of cybersecurity in protecting individual and national security, as well as the need for vigilance in the face of increasingly sophisticated cyber threats.

A pro-Iranian hacktivist group known as Cyber Fattah has recently leaked thousands of personal records allegedly linked to athletes and visitors of the 2024 Saudi Games. The breach was announced on Telegram in June 2025, in the form of SQL database dumps, characterizing it as an information operation "carried out by Iran and its proxies." According to cybersecurity company Resecurity, the actors gained unauthorized access to phpMyAdmin (backend) and exfiltrated stored records.

This breach is believed to be linked to the 2024 Saudi Games official website, with data including IT staff credentials, government official email addresses, athletes' and visitors' information, passports and ID cards, bank statements, medical forms, and scanned copies of sensitive documents. The leak was published by a forum user named ZeroDayX, a burner profile that was likely created to promote this breach.

The leaked data suggests an effort by Cyber Fattah to carry out a strategic, ideological, and psychological operation against the Saudi government and its citizens. According to security researcher Lidia López Sanz, "This was not a financially motivated heist but a way of dismantling public trust in regime-linked institutions and signaling technical superiority." The attackers also hijacked Iran's state broadcaster IRIB's television stream to display pro-Israeli and anti-Iranian government imagery.

This incident is part of a broader trend of cyber warfare between Iran and Israel, with several hacktivist groups claiming to have conducted cyber attacks or made declarations to align with or act against the two nations. Cyber Fattah has a history of targeting Israeli and Western web resources and government agencies.

Another pro-Iranian group named DieNet has been singled out for its hybrid identity, including Russian-speaking members and connections to other cyber communities in Eastern Europe. Trustwave SpiderLabs noted that "the broader phenomenon of cross-regional cyber collaboration, where ideological alignment overrides geographic or national boundaries," is a key aspect of this incident.

The deployment of cyber capabilities in the context of the Iran-Israel war demonstrates how digital operations are increasingly being integrated to supplement kinetic actions, influence public perception, and disrupt critical infrastructure. According to Group-IB, more than 5,800 messages have been recorded across various hacktivist channels between June 13 and 20.

Experts warn that such incidents highlight the need for vigilance in protecting personal data, as well as the potential consequences of cyber attacks on individual and national security. As the digital landscape continues to evolve, it is essential to stay informed about emerging threats and develop effective strategies for mitigating their impact.