Incident Overview

A threat actor using the handle "xploitleaks" claims to have obtained one of the biggest and most confidential databases ever from Iran. The breach allegedly affects Nazdika, described as Iran's biggest chatting service. The threat actor is offering the database exclusively through Telegram.

• Service Description: Iran's biggest chatting service (Nazdika)
• Database Size: Over 150GB of plain text data
• Claim Significance: One of the biggest and most confidential databases ever from Iran
• Database Content: Private conversations, personal shared media files, and documents
• Private Conversations: Complete chat message history
• Personal Shared Media: Images, videos, and other multimedia files shared in chats
• Documents: Files and documents exchanged through the platform
• Message Metadata: Complete metadata including IDs, paths, and timestamps
• Data Fields: id, _index, _source/imagePath, _source/message, _source/replyId, _source/senderId, _source/targetId, _source/timestamp
• Message Aliases: pv-messages-alias identifiers
• Sample Data: Multiple message entries visible with Persian/Farsi text content, phone numbers, and message IDs
• Contact Method: @xploitleaks_support (Telegram)
• Availability: Only available at https://t.me/xploitleaks
• Distribution: Exclusive Telegram-only sale