Pro-Iran Hacktivists Leak Saudi Games Athlete, Visitor Data Online

HomeNews* Pro-Iranian group Cyber Fattah leaked personal information of Saudi Games 2024 attendees online.

• The breach included sensitive data such as ID cards, emails, and medical forms.
• The attack is part of a growing pattern of cyber operations between Iran, Israel, and their allies.
• Other related incidents include hacks targeting both Iranian and Israeli organizations.
• Experts report increased collaboration among hacktivist groups in the region. On June 22, 2025, the pro-Iranian hacktivist group Cyber Fattah published thousands of records online related to athletes and visitors of the Saudi Games. The records appeared after the group reportedly gained unauthorized access to phpMyAdmin, a management tool for website databases.

• Advertisement - The leaked information, announced on Telegram, includes IT staff credentials, government email addresses, passports, bank statements, and other personal documents. Cybersecurity company Resecurity labeled the event as an information operation “carried out by Iran and its proxies,” and stated the breach targeted major sports events to further anti-U.S., anti-Israel, and anti-Saudi narratives.

Files, believed to come from the official Saudi Games 2024 website, were shared on DarkForums, a cybercrime community. Resecurity also said, “The activities of Cyber Fattah align with a broader trend of hacktivism in the Middle East, where groups frequently engage in cyber warfare as a form of activism.”

Cyber Fattah has previously targeted Israeli and Western infrastructure and worked with allied groups, including the 313 Team, which recently took credit for attacking the Truth Social platform. Resecurity noted that this latest attack may show a shift from a focus on Israeli targets to a broader anti-U.S. and anti-Saudi effort.

Other regional cyber attacks include acts by pro-Israel group Predatory Sparrow, which claims to have leaked data from the Iranian Ministry of Communications and compromised the Nobitex cryptocurrency exchange, destroying more than $90 million in digital assets by sending them to inaccessible accounts. Security researcher Lidia López Sanz stated, “This was not a financially motivated heist but a strategic, ideological, and psychological operation.”

On June 18, Iran’s state broadcaster IRIB was hijacked to display pro-Israel content. Meanwhile, groups like Handala have targeted several Israeli companies, listing details on data leak sites starting June 14.

Hacktivist groups are forming alliances such as the Cyber Islamic Resistance, combining resources for larger coordinated cyber campaigns. Trustwave SpiderLabs reported on the hybrid structure of groups like DieNet, which has both pro-Iranian and Russian-speaking members, and noted how cyber operations are becoming integrated into modern conflicts to disrupt infrastructure and shape public opinion.

• Advertisement - More details on these incidents and related groups can be found in reports by Resecurity, Cyberknow, Outpost24, and Trustwave SpiderLabs.

Previous Articles:

• Hana Bank Joins Korean Stablecoin Consortium, Files Trademark
• Michael Saylor Unveils BTC Tool Amid MicroStrategy Debt Concerns
• Judge Rules Anthropic’s AI Book Training is Fair Use, Library Illegal
• North Korean npm Malware Targets Developers in Fake Job Interviews
• Argent Wallet Rebrands as Ready with Dual Product Strategy

• Advertisement -