Cyber Incident Victim: National Security Service of Armenia

On or around September 2, 2016, Azerbaijani hacktivists operating under the name "Anti-Armenia Team" publicly claimed responsibility for breaching Armenian government systems and leaking sensitive documents. The group asserted they had infiltrated servers belonging to Armenia’s National Security Service (SNS), exfiltrating multiple categories of confidential data. Leaked materials included passport details and scanned copies of foreign visitors’ travel documents, which originated from internal SNS resources used to update visitor information. Additionally, internal analytical reports prepared by the security service for government use were compromised and disseminated. The hacktivists described themselves as an independent collective active for five years, emphasizing their history of conducting cyber operations against Armenian targets.

Independent security intelligence experts verified the authenticity of the leaked passport data and internal documents, confirming the breach occurred. However, a cybersecurity expert consulted during the investigation challenged the hacktivists’ claims of a direct system compromise, suggesting instead that an SNS employee with access to the passport control systems might have been compromised. This assessment pointed to potential insider involvement or credential theft as the source of the data, noting the technical border control service’s integration within the SNS as a plausible vector. The incident occurred against a backdrop of prolonged tensions between Armenia and Azerbaijan, including military clashes earlier that year over the disputed Nagorno-Karabakh region, which had resulted in hundreds of casualties. No official statements from Armenian authorities regarding containment measures or technical responses were documented in available sources following the leak.