In recent weeks, government agencies and organizations across the Middle East and Africa have been hit by serious cyberattacks. Saudi Arabia and Tunisia, in particular, have fallen victim to major data breaches. In response, several organizations across the region have begun strengthening their defenses to prevent similar incidents from recurring.
Saudi Arabia: Government Projects Under Attack
Cybercriminals have claimed responsibility for an attack on the Tatweer Buildings Company (TBC), a key entity in Saudi Arabia’s infrastructure development projects. As proof, they published internal documents and operational data allegedly stolen during the breach.
Although there has been no official statement from authorities, the nature of the leaked information and the attack patterns suggest a double extortion tactic — demanding ransom both to decrypt data and to prevent public exposure of stolen files.
With numerous megaprojects underway under the country’s Vision 2030, Saudi Arabia has become a major target for cybercriminals. In fact, in 2024, it ranked among the top three most targeted countries in the Middle East for cyberattacks.
Tunisia: 150,000 Student Records Exposed
Another serious incident occurred in Tunisia, where the Al-Khawarizmi Computing Center, under the Ministry of Higher Education and Scientific Research, confirmed that the national university network had been breached, leading to a massive data leak.
While officials haven’t shared full details, reports say that hackers may have accessed personal data of over 150,000 students. This includes:
- National ID cards
- Photos
- Enrollment certificates
- Phone numbers
- Academic transcripts
Hackers often target schools and universities because they store large amounts of personal data. This information can be used for identity theft and targeted scams.
Regional Response Strategies
In response to escalating threats, organizations across the region have begun to implement proactive security measures:
- Dubai Police launched an online platform to educate citizens and tourists about cyber threats, how to report incidents, and ways to stay safe online.
- Gulf Bank of Kuwait introduced a Vulnerability Disclosure Program and Bug Bounty Program to engage ethical hackers and cybersecurity experts in identifying and fixing vulnerabilities proactively.
- The Nigeria Data Protection Commission (NDPC) fined MultiChoice Nigeria $500,000 for violating data protection laws and conducting illegal cross-border data transfers.
For organizations without an in-house cybersecurity team, protecting sensitive data doesn’t have to be complex or expensive. SearchInform’s Managed Security Service (MSS) is designed specifically for small and mid-sized businesses.
By combining robust security software with expert support, MSS helps detect real-time threats, prevent data leaks, and ensure regulatory compliance — all in one comprehensive package.
Start your 30-day free trial today and protect your organization with confidence.
Source: SearchInform Blog – Data breaches in Saudi Arabia and Tunisia