Cyber Incident Victim: Ministry of Labour and Social Protection of the Republic of Azerbaijan

In December 2015, Armenian hacker group The Monte Melkonian Cyber Army (MMCA) breached servers belonging to Azerbaijan’s Ministry of Labour and Social Protection and Ministry of Emergency Situations. The attackers exfiltrated sensitive documents and images containing citizen data, including resumes, family records, national identification cards, and passport numbers. MMCA representatives stated the attack was retaliation for border clashes earlier that month involving the deaths of three Azerbaijani soldiers and one Armenian soldier. The group claimed to have maintained unauthorized access to the ministries’ systems for over a month prior to public exposure of the breach. After leaking the stolen data via Facebook, the compromised servers had their IP addresses blocked to disrupt further access. MMCA declined to disclose the specific vulnerabilities exploited during the intrusion when questioned by media.

The compromised data exposed personally identifiable information of Azerbaijani citizens, though the exact number of affected individuals was not quantified in available reports. This incident followed MMCA’s July 2015 leak of identification documents for 5,000 Azerbaijani citizens and their November 2015 breach of Azerbaijan’s Central Bank, which exposed customer banking records. Historical context indicates persistent cyber hostilities between Armenian and Azerbaijani groups, exemplified by Azerbaijani hackers targeting Armenian presidential and ministry websites in June 2014. The attacks occurred against the backdrop of unresolved military and diplomatic tensions stemming from the Nagorno-Karabakh territorial dispute, with no formal diplomatic relations existing between the nations at the time of the incident. No statements from the Azerbaijani ministries regarding remediation efforts or technical investigations were documented in the source material.