An Iranian hacking group, called IR Leaks claimed to have accessed personal information of millions of pilgrims who participated in the Hajj from 1985 to 2024.
The data breach includes detailed records of government officials, law enforcement personnel, and clerics—all of whom have been dispatched to the Hajj over nearly four decades. The group has allegedly given the Hajj and Pilgrimage Organization of Iran a 24-hour ultimatum to negotiate before they proceed to sell 1.25 terabytes of the critical data.
The compromised data includes names, surnames, fathers' names, dates of birth, places of birth, and identification numbers.
The published sample image by the hackers shows detailed information on Basij militia members sent to the Hajj, highlighting the depth of the intrusion.
This is not the first time IR Leaks has targeted Iranian entities. Previously, the group engaged in negotiations with Snapp Food, the country's largest food delivery app, and the ride-hailing app Tapsi after hacking their systems and obtaining vast amounts of user data. While they refrained from publishing Snapp Food’s data after reaching an agreement, they went ahead and sold the data from Tapsi when negotiations failed.
Given the history of this group, it does not seem that they have any political motives in their activities.
The hacking of the Hajj and Pilgrimage Organization's database represents a serious escalation in the group’s activities, pointing to severe vulnerabilities within Iran's cyber infrastructure.
The breach not only raises questions about the effectiveness of Iran's data protection policies but also about the possible implications for the Islamic Republic's national security.