A threat actor operating under the alias PhantomAtlas has claimed responsibility for breaching Algeria’s Ministry of Post, Telecommunications, Technologies and Digital (MGPTT), as well as the Ministry of Labor. The attack, reportedly executed in under 24 hours, led to the exfiltration of over 13GB of internal government data.
According to the post, the data dump includes:
- Personal data
- Strategic and confidential documents
- Full databases from both institutions
The actor noted that access to the Ministry of Labor revealed deep structural issues and internal mismanagement, suggesting not only a leak of sensitive data, but also insight into the inner workings of Algeria’s labor systems.
The post strongly implies that this breach was conducted as a direct response to a previous incident involving CNSS (Caisse Nationale de Sécurité Sociale), hinting at a possible tit-for-tat or retaliatory campaign. The statement reads:
“What you saw as a flex has now backfired. You’ve provoked something far bigger.”
This kind of targeted response points to a deeper cyber-conflict narrative, possibly involving rival hacker groups or nation-state-backed campaigns.
The data has been made available via Telegram, a common distribution point among threat actors due to its anonymity and large file-sharing capabilities.