Cyber Incident Victim: Embassy of Nepal in Washington

On May 24, 2015, the official website of Nepal’s Embassy in Washington, D.C. (nepalembassyusa.org) was compromised by hackers identifying themselves as the Moroccan Islamic Union-Mail (MIUM). The attackers replaced the embassy’s legitimate content with a defacement page displaying an anti-American political message criticizing U.S. military involvement in Iraq. The defacement specifically targeted American soldiers who died during the Iraq War, featuring the statement: "Iraq is the Cemetery of American … hello to the death that awaits you at the hands of the Mujahideen in Iraq." Visitors attempting to access routine embassy services, including visa information, were confronted with this message. The hackers confirmed to media outlet HackRead that they selected the Nepali Embassy as a target due to Nepal’s heightened global visibility following a major earthquake, believing this would maximize dissemination of their message. Evidence of the hack was publicly documented through a Zone-H mirror link (ID 24367414), preserving a copy of the defaced page.

The incident disrupted the embassy’s digital services during the defacement period, though the duration of the outage was not specified in available reports. Historical records indicated this was not the first security breach affecting the embassy’s website, with previous compromises occurring in May 2011 by Iranian hackers and May 2014 by an Arab hacker. No technical details regarding the attack vector, remediation efforts, or embassy responses were disclosed in the source material. The recurring pattern of May breaches across multiple years was noted, but no explanatory analysis or attribution beyond the hackers’ self-identified affiliation was provided. The defacement’s primary operational impact was the temporary unavailability of legitimate embassy content for public users.