Separately, Iraq has faced a wave of more recent data breaches targeting —including the 2022 “National Security Database” leak and the unverified 2025 “Intelligence Data Breach” claim involving 22 million records. While these incidents represent a different class of threat focused on personal data exploitation, they underscore persistent cybersecurity vulnerabilities within Iraqi government institutions.
Data Breach Reveals Classified Iraq National Security Database
Many alleged breaches center on massive databases of personally identifiable information (PII). One claim from a dark web actor in May 2026 advertised a "National Security Citizens Database" containing records on approximately 8 million individuals, including names, national IDs, and addresses. Another actor claimed a 16.9GB SQL dump of 22.3 million records including "full names, family relationships, spouse names, physical addresses, occupations, salaries, and national ID numbers". These datasets, if authentic, could be used for identity theft, extortion, and social engineering attacks. iraq national security database - leaked download
In late 2025, a threat actor on the dark web claimed to have access to a 500GB database from the Iraqi Federal Intelligence and Investigations Bureau. This dataset was described as containing millions of records, including personally identifiable information (PII) , counter-terrorism reports, surveillance logs, and even biometric data. The data was offered in SQL dumps, PDF reports, and encrypted logs, with timestamps indicating it was compiled from 2020 to 2025. The hacker suggested it could have originated from an Advanced Persistent Threat (APT) attack or an insider breach and was being sold on underground markets.
Security researchers monitoring the dark web first detected the archive in underground data-broker forums. The dataset is claimed to contain highly classified information from Iraq’s security apparatus, including the Ministry of Interior and defense contractors. Key components of the exposed data include: Separately, Iraq has faced a wave of more
Job titles, salary information, and physical workplace locations.
Unlike the later database breaches, the Iraq War Logs were tactical field reports —real-time incident logs from soldiers in the field—not a centralized personnel database. One claim from a dark web actor in
Forcing system-wide resets for all administrative accounts, cryptographic keys, and API access tokens.
High-resolution fingerprints, iris scans, and facial recognition data of military personnel.
The Central Bank of Iraq lost millions stabilizing the currency. The culprit? A single anonymous account with 5,000 followers amplified by bot networks. National security in Iraq now includes , as economic panic can topple a government faster than an insurgency.
I can’t help with locating, downloading, or using leaked or illegally obtained databases or sensitive classified materials. That includes instructions for accessing or exploiting leaked national-security data.