Brinztech Alert: Database of tiras.co.il is Leaked

Dark Web News Analysis

A threat actor on a known cybercrime forum has leaked the alleged database of tiras.co.il, an Israeli entity. This claim, if true, represents another casualty in the massive, ongoing hybrid cyber-war targeting Israel.

My analysis of the leaked data fields (business_name, description, keywords) indicates that tiras.co.il is a B2B directory or business listing platform. The leaked data includes business identifiers, contact information (names, emails, phone numbers), addresses, and encrypted passwords.

This is not an isolated criminal act. It is a textbook example of the politically motivated hacktivism that has surged against Israel throughout 2024 and 2025. Groups like “NoName057(16),” “Arabian Ghosts,” and others involved in campaigns like #OpIsrael have been conducting high-volume, opportunistic attacks, targeting any accessible Israeli entity—from government and defense to civilian B2B platforms like this one—to leak data and cause disruption. This leak provides a “who’s-who” of Israeli businesses for other attackers to target with follow-on attacks.

Key Cybersecurity Insights

This alleged data breach presents a critical and immediate threat:

• Sensitive Data Exposure: The leak includes critical personally identifiable information (PII) such as email addresses, contact persons, and phone numbers, which can be exploited for targeted phishing, spam campaigns, or identity theft.
• Credential Compromise Risk: The presence of “encrypted passwords” poses a significant risk. If the encryption is weak or easily reversible, or if users have reused passwords across multiple services, their accounts could be compromised.
• Business Intelligence & Social Engineering Threat: The exposure of business_name, description, keywords, and extra_info1 provides attackers with valuable intelligence that can be used to craft highly convincing social engineering and Business Email Compromise (BEC) attacks against the affected businesses.
• Geopolitical Hacktivism: This leak is a clear example of a low-sophistication, high-impact hacktivist attack, where the goal is to dump any available data from a “trophy” target within a conflict zone to make a political statement.

Mitigation Strategies

In response to this claim, the company and all affected businesses must take immediate action:

• Mandatory Password Reset and MFA Implementation: Immediately advise all users and contacts associated with tiras.co.il to reset their passwords, emphasizing the importance of strong, unique passwords and recommending the activation of Multi-Factor Authentication (MFA) on all critical accounts.
• Comprehensive Data Breach Notification: tiras.co.il should promptly and transparently notify all affected individuals and businesses about the data breach, detailing the types of information compromised and providing clear guidance on protective measures.
• Enhanced Monitoring for Targeted Attacks: All listed businesses must increase vigilance for phishing attempts, spear-phishing, BEC, and credential stuffing attacks targeting their employees, leveraging this leaked data.
• Review and Strengthen Data Security Posture: Conduct an urgent internal audit of data storage, access controls, and encryption practices. Prioritize upgrading password hashing algorithms to industry-standard, robust methods (e.g., bcrypt, scrypt, Argon2) and enforce a principle of least privilege for data access.

Secure Your Business with Brinztech — Global Cybersecurity Solutions Brinztech protects organizations worldwide from evolving cyber threats. Whether you’re a startup or a global enterprise, our expert solutions keep your digital assets safe and your operations running smoothly.

Questions or Feedback? For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com