A new data breach affecting Algerian government systems has surfaced on the dark web and social media. The threat actor Solomon Staff claims to have maintained access for over 6 months inside Algeria’s critical GOV.dz IT infrastructure, collecting terabytes of data in the process.
They are now starting to leak portions of the data, beginning with citizen records from the Tindouf and Béchar regions.
According to the actor’s posts on dark web forum and X, the data set includes:
- Full names
- Dates of birth
- Father and mother names
- National Identification Numbers (NIN)
- Phone numbers
- Emails
- Residential addresses
- Business names
- Commercial register details
- And more
Shared samples already reveal identification documents, driver’s licenses, and vehicle registrations — with clear personal information exposed.
The actor further claims that many of the exposed individuals are members of the Polisario Front — escalating the political sensitivity of the breach. They also state that they possess a larger dump covering citizens across Algeria, to be released in future waves.
This is a highly concerning incident — not only due to the long-term access maintained inside Algeria’s government systems, but also because of the sensitive nature of the leaked records.
With personal data already circulating online, affected individuals — especially those linked to contested groups — may face heightened risk of targeting or surveillance.
Algerian authorities need to act quickly to assess how such persistent access was maintained, secure their infrastructure, and mitigate further data exposure.