Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Hackers Hit Iran’s Mahan Airline, Claim Confidential Data Theft

Hackers Hit Iran’s Mahan Airline, Claim Confidential Data Theft

One of Iran’s largest privately-owned airlines, Mahan Air, has announced a cybersecurity incident that has resulted in its website going offline and potentially data loss.

As the firm announced on Twitter, dealing with hacker attacks is nothing out of the ordinary for them, so even though some damage has been done, the flight schedules won’t be affected.

As such, even though people can’t access Mahan’s website, all international and domestic flights are running as usual without changes or delays.

Moreover, the company claims that the attack has been thwarted successfully and in a short time, downplaying its significance and disregarding any real impact.

“Following the news of the cyber attack on the systems of Mahan Airlines, it is reported that due to the position of Mahan Airlines in the country’s aviation industry, such attacks have been carried out against this company many times and at different times, so that they may be damaged,” reads the translated tweet by Mahan airlines.

Also Read: How To Secure Your WiFi Camera: 4 Points To Consider

“This is considered a normal occurrence and Mahan Cyber Security Team has always acted intelligently and in a timely manner and has thwarted these attacks. Therefore, it hereby announces that all Mahan flights will be operated according to the schedule and future flights will be operated according to the previous schedule.”

Mahan's announcements on Twitter
Mahan’s announcements on Twitter
Source: Twitter

Targeting a sanctioned entity

Mahan Air was added to the US sanctions list in 2011 for supporting members of Iran’s Islamic Revolutionary Guard Corps (IRGC).

In 2019, the US Treasury published a statement on Mahan Air’s operation, detailing the following:

“Mahan Air has transported IRGC-QF operatives, weapons, equipment, and funds abroad in support of the IRGC-QF’s regional operations, and has also moved weapons and personnel for Hizballah.”

“Since the onset of the Syrian civil war, Mahan Air has routinely flown fighters and materiel to Syria to prop up the Assad regime, which has contributed to mass atrocities and displacement of civilians.”

Although Mahan’s operations oppose American strategic interests, which led to actual military action in July 2020, the hackers responsible for the most recent incident don’t seem to be Americans.

Also Read: How Formidable is Singapore Cybersecurity Masterplan 2020?

The actor who took responsibility for the cyberattack on Mahan Air is ‘Hooshyarane Vatan,’ who sees IRGC as their enemy and says they fight for the rights of the Ahwaz minority (Iranian Arab minority).

The hackers claim to have stolen confidential documents exposing how Mahair Air has worked with the IRGC and threatened to publish names, numbers, and proof of Mahan’s activities.

“Hacking Mahan Airlines is the first step of a program to stop the looting and encroachments of the corrupt corps on the city and the people of Ahvaz and Khuzestan. With the confidential documents we have obtained from the internal network of Mahan Airlines, we will prove our claim of Mahan complicity in the criminal activities of the IRGC, and we will also show that the Quds force is looting the money and resources of the people and the country of Iran among insurgent groups,” reads a translated text from the alleged hackers.

“And the foreign militia squanders money and at the same time uses the same oppressed people as cover for the air transport of weapons, equipment and ammunition.”

Hacker's taking responsibility for the Mahan hack
Hackers taking responsibility for the Mahan hack

As the actors wrote on their Telegram channel, they have proof of the airline hiding military shipments in civilian flights to secure them from attacks.

Iran tensions with the Western world

Last week, a crescendo of reports about Iranian hackers targeting American, Israeli, and European entities took place. At the same time, Microsoft published a report identifying six distinct Iranian hacking groups that appear to be state-sponsored.

This reporting culminated with the indictment of two Iranian cyber-actors who attempted to influence American voters between September and November 2020, promoting false information under the ‘Proud Boys’ attire.

Both of the identified actors allegedly worked for a cybersecurity company that provided services to the Iranian government.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us