The leak attributed to the group Handala should not be considered just another routine cyberattack incident. It serves as an indication that hostile actors are now treating personal data as a weapon of intimidation. According to the Wall Street Journal, the pro-Iranian hacker group Handala claimed to have published the names and details of 2,379 US Marines stationed in the Persian Gulf region. Stars and Stripes reported that US Central Command referred inquiries to the Naval Criminal Investigative Service, while American authorities continue to examine the authenticity of the leaked information.
Threats via WhatsApp and fears of family surveillance
The most alarming element is not only the data leak itself but the method of pressure. Task & Purpose reported that some US military personnel received threatening messages via WhatsApp, implying they were being monitored. Handala also claims to possess residential addresses, family details, information on bases, and even the daily habits of service members. Whether the claims are entirely true or exaggerated, the goal is clear: to make members of the US armed forces and their families feel exposed and vulnerable.
New field of war: Psychological pressure through cyberattacks
Washington, according to the analysis, must treat the incident as a matter of force protection and not merely a privacy breach. The US Department of Justice has already linked Handala’s infrastructure to Iranian cyber-psychological operations. Reuters reported that the group quickly restored its online presence after US authorities seized its domains, demonstrating the resilience of these "proxy" cyber operations.
Handala and the Iranian cyber warfare network
Handala is part of a broader pattern of Iranian operations in cyberspace. Security Week notes that the group has appeared under different names, while Check Point Research identifies it as Void Manticore, an Iranian threat actor linked to destructive attacks and data leak operations. Unit 42 has also described Handala as one of the most prominent pro-Iranian groups combining data theft with political propaganda.
Evidence shows escalation of the threat
Google Cloud M-Trends 2025 recorded an increase in cyber operations linked to Iran, as well as an improvement in infiltration methods. The CSIS recently warned that Iranian cyber activity remains a serious threat to US organizations. Meanwhile, a joint warning from CISA and the FBI stated that Iranian campaigns combine data theft with online threats and harassment. Total figures for cybercrime are also concerning. Microsoft, in its Digital Defense Report 2025, states that state actors are using increasingly targeted and mass cyber-influence techniques. The FBI’s Internet Crime Report 2025 estimated losses from cybercrimes at nearly $21 billion. IBM estimated that the average global cost of a data breach reaches $4.4 million, while Verizon found that third-party involvement in breaches doubled to 30%.
Why the Persian Gulf makes the situation more dangerous
The Persian Gulf is not a typical troop deployment region. The US Naval Forces Command reports that the 5th Fleet’s area of responsibility covers approximately 2.5 million square miles and includes three critical strategic points: the Strait of Hormuz, the Suez Canal, and the Bab el-Mandeb. US Central Command covers a total of more than 4 million square miles and over 560 million people. In such a tense region, even a phone number, an address, or a movement pattern can acquire operational significance.
"Personal data is now a matter of national defense"
The US possesses a massive "digital target surface." According to USAFacts, active-duty military personnel numbered approximately 1.34 million in December 2025. Every service member now leaves behind a digital footprint: old passwords, family social media, messaging apps, travel habits, and data from commercial data brokers. Pro-Iranian hacker groups do not need to steal a classified war plan if they can create a convincing intimidation profile from scattered personal data. The analysis concludes that the Pentagon must react immediately, offering identity protection to military personnel and families, controlling contact detail leaks, and treating family security as part of operational security. Handala's message, as noted, is clear: "We can reach you even outside the base." And the American response must now view military personnel's personal data not as an administrative detail, but as a critical element of national defense.
www.bankingnews.gr
Σχόλια αναγνωστών