Resecurity reports:
Today (June 22, 2025) — the threat actors associated with the “Cyber Fattah” movement leaked thousands of records containing information about visitors and athletes from past Saudi Games, one of the major sports events in the Kingdom. The stolen data has been leaked in the form of SQL dumps – the actors gained unauthorized access to phpMyAdmin (backend) and exfiltrated stored records. Resecurity views this incident as part of a broader information operation (IO) carried out by Iran and its proxies for various objectives.
Based on our assessment, this is an example of Iran using data breaches as part of a larger anti-US, anti-Israel, and anti-Saudi propaganda activity in cyberspace, targeting major sports and social events. Due to the significant scale of the data breach and the precedent set by Iranian proxies attacking major sporting event, Resecurity is sharing the collected intelligence to raise awareness within the cybersecurity community and to equip stakeholders with actionable insights and risk mitigation strategies.
Read more at Resecurity.