DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Yemen Cyber Army dumps visa data from Saudi Ministry of Foreign Affairs

Posted on May 29, 2015 by Dissent

The Yemen Cyber Army (YCA) has released more data from its hack of the Saudi Ministry of Foreign Affairs (previous coverage here and here).  Media sources reported after the first disclosure that Riyadh confirmed the internal Internet network attack but disputed the extent of the hack. At this rate, their protestations might want to be walked back a bit.

In a new data dump and paste yesterday, YCA writes:

DATA Mirror – 1,000,000 Records Of Saudi VISA Database
We Will Publish 1M Record Every Weekend To Stopping Saudi Attacks
Also We Sent 400K(30G) Private Saudi MOFA Documents to wikileaks.org For Backup

In yesterday’s paste, they provided 10 records from a database with extensive information including numerous fields:

ROM [MOFA_VISA].[dbo].[TBL_VISA_person]

VDM_ID  vdm_visa_visakind       VDM_EMBASSY_CODE        VDM_VISA_NUMBER VDM_VISA_ISSUE_DATE     VDM_VISA_JOB_OR_RELATION        VDM_SPONSER_NAME        VDM_SPONSER_NUMBER      VDM_SPONSER_ADDRESS     VDM_SPONSER_PHONE_NUMBER        VDM_ENTERED     VDM_VERIFIED    VDM_PRINTED     VDM_PERSON_NAME VDM_EMBASSY_VISA_NUMBER VDM_EMBASSY_VISA_DATE   VDM_NAME_OF_SERVICE_COMPANY     VDM_BORDER_NO   VDM_VISA_JOB_CODE       VDM_BL_FLAG     VDM_INTERVAL    VDM_NATIONALITY VDM_APP_NO      COMPANY_ENTER_APP       Moatmr_Iqama_Period     Omra_Foreign_Company    VDM_HAJJ_ADMIN  VDP_PERSON_NAME_ARABIC_FIRST    VDP_PERSON_NAME_ARABIC_FATHER   VDP_PERSON_NAME_ARABIC_GRAND    VDP_PERSON_NAME_ARABIC_FAMILY   VDP_PERSON_NAME_ENGLISH_FIRST   VDP_PERSON_NAME_ENGLISH_FATHER  VDP_PERSON_NAME_ENGLISH_GRAND   VDP_PERSON_NAME_ENGLISH_FAMILY  VDP_PERSON_BIRTH_PLACE  VDP_PERSON_BIRTH_DATE   VDP_PERSON_SEX  VDP_PERSON_SOCIAL_STATUS        VDP_PERSON_RELIGION     VDP_PASSPORT_NUMBER     VDP_PASSPORT_ISSUE_DATE VDP_PASSPORT_ISSUE_PLACE        VDP_PASSPORT_EXPIRY_DATE        VDP_PASSPORT_TYPE       VDP_MAHRAM_NAME VDP_MAHRAM_RELATION     VDP_ARAB48      VDE_KSA_ENTRY_POINT     VDE_VALIDITY_RESIDENCY_IN_KSA   VDE_VALIDITY_BEFORE_FLIGHT      VDE_VALIDITY_NUMBER_OF_ENTRIES  VDE_VALIDITY_COMING_THROUGH     VDE_NAME_OF_SERVICE_COMPANY     VDE_EMBASSY_ORDER_NUMBER        VDE_EMBASSY_ORDER_DATE  VDe_car_number  vde_prpose      vde_sau_c       VDE_HMLA_NAME   vdp_person_address_home job_rec_number  visa_print_date visa_Receipt_date       visa_senddatae  vuserid vdm_deleted     vdm_print_file  VDM_VISA_STATE  PERSON_ID       VDM_OWNER       hjid    VisaControlTransFG      Arc_fg!
Consistent with this site’s policy of not linking to databases exposing individuals’ personal information, I’m not linking to the actual databases. If anyone (hint, hint, LEE!) analyzes the data, though, I’ll update this post.
DataBreaches.net would still like to know if the hackers carried through on their threat the Saudi databases would self-delete last week.  Does anyone know whether that actually happened? And if it did, where is the proof?
Category: Breach IncidentsExposureGovernment SectorHackNon-U.S.Of Note

Post navigation

← Jersey City Medical Center employee gaffe exposed patients’ PHI in e-mail attachment
Buffalo Heart Group discovers insider wrongdoing involving patient information →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • CoinMarketCap Hacked, Scrambles to Remove Malicious Wallet Verification Popup
  • Montana Attorney General launches investigation into Lee Enterprises data breach
  • AT&T gets preliminary approval for $177 million data breach settlement
  • Aflac notifies SEC of breach suspected to be work of Scattered Spider
  • Former JBLM soldier pleads guilty to attempting to share military secrets with China
  • No, the 16 billion credentials leak is not a new data breach — a wake-up call about fake news (Updated)
  • Tonga’s health system hit by cyberattack (1)
  • Russia Expert Falls Prey to Elite Hackers Disguised as US Officials
  • Proposed class action settlement in In re Netgain Technology litigation
  • Qilin Offers “Call a lawyer” Button For Affiliates Attempting To Extort Ransoms From Victims Who Won’t Pay

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data
  • US Judge Invalidates Biden Rule Protecting Privacy for Abortions
  • DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
  • 23andMe fined £2.31 million for failing to protect UK users’ genetic data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.