The Handala hacking group, allegedly linked to Iranian intelligence, has announced a significant cyberattack on Israel's police, claiming to have extracted 2.1 terabytes of confidential data. This trove reportedly includes personnel records, weapons inventories, medical and psychological profiles, legal case files, weapon permits, and identity documents. Handala asserts that 350,000 of these documents have been leaked publicly.

Extent of the Data Breach

The alleged breach is vast, covering a variety of sensitive information. Reports indicate that the compromised data includes email addresses, gun licenses, officer photos, personal contact details, classified documents, and personal information about suspects and convicted criminals, including sex offender employment permits.

Handala also claims to have accessed personal files of police officers, including psychological evaluations and other private data, and to have breached the servers of the Israeli Ministry of National Security.

Official Response and Investigation

Despite Handala's assertions, the Israeli police have denied any direct breach of their systems. Their statement suggests that if a breach occurred, it likely involved third-party entities that share data with the police. An investigation is underway to determine the full scope of the incident and identify any security gaps.

Pattern of Cyber Attacks

This incident is part of a series of disruptive cyber activities by Handala targeting Israeli entities, especially since the escalation of the Israeli-Hamas conflict. Microsoft has noted that Israel has become a major target for Iranian cyber operations, with a marked increase in attacks.

Recent Activities by Handala

  • In October 2024, Handala was suspected of a phishing campaign targeting cybersecurity personnel in Israel with wiper malware.
  • In September 2024, the group launched a ransomware attack on Israel's Soreq Nuclear Research Center.
  • On January 27, 2025, they compromised an emergency alert system, affecting 20 kindergarten institutions with false terror alerts.

In a recent post on BreachForums dated February 9, 2025, Handala not only claimed responsibility for the latest attack but also mocked Israel, highlighting their success in breaching defenses and exposing secrets, while accusing Israel of arrogance and deception.
