Iran-Linked Hacking Group "Handala" Claims Breach of Israeli National Security Official’s Email
An Iran-affiliated hacking group, Handala, announced on Tuesday that it compromised the email account of Ilan Steiner, Chief Financial Officer at Israel’s National Security Institute, extracting over 50,000 documents. The stolen material reportedly includes intelligence-related research, Mossad-linked files, and strategic planning documents focused on the Middle East.
The group, which surfaced in 2023, is assessed by Western cybersecurity analysts as tied to Iran’s intelligence apparatus. Known for "hack-and-leak" operations, Handala combines cyber intrusions with public data releases. Previous targets have included Israeli officials, with past claims involving breaches of aides to Prime Minister Benjamin Netanyahu and former premier Naftali Bennett.
The authenticity of the breach remains unverified. If confirmed, the incident would mark another escalation in cyber tensions between Iran and Israel.
Source: https://shafaq.com/en/Middle-East/50K-files-leaked-as-Handala-claims-Israeli-security-breach
INSS Israel cybersecurity rating report: https://www.rankiteo.com/company/inss-israel
"id": "INS1773751229",
"linkid": "inss-israel",
"type": "Breach",
"date": "3/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'National Security',
'location': 'Israel',
'name': 'Israel’s National Security Institute',
'type': 'Government Agency'}],
'attack_vector': 'Email Compromise',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '50,000',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Intelligence-related research',
'Mossad-linked files',
'Strategic planning documents']},
'description': 'An Iran-affiliated hacking group, Handala, announced that it '
'compromised the email account of Ilan Steiner, Chief '
'Financial Officer at Israel’s National Security Institute, '
'extracting over 50,000 documents. The stolen material '
'reportedly includes intelligence-related research, '
'Mossad-linked files, and strategic planning documents focused '
'on the Middle East.',
'impact': {'brand_reputation_impact': 'High (National Security Institute)',
'data_compromised': '50,000 documents',
'operational_impact': 'Potential exposure of intelligence and '
'strategic planning documents',
'systems_affected': 'Email account'},
'investigation_status': 'Unverified',
'motivation': 'Espionage, Hack-and-Leak Operations',
'references': [{'source': 'Cyber Incident Description'}],
'threat_actor': 'Handala',
'title': "Iran-Linked Hacking Group 'Handala' Claims Breach of Israeli "
'National Security Official’s Email',
'type': 'Data Breach'}