Cyber Incident Victim: Muslim Directory
Date:
Feb 2014
Location:
United Kingdom
Summary
A hacker using the alias @th3inf1d3l breached a UK-based Islamic community platform, compromising 38,903 user credentials including emails, plaintext passwords, full names, phone numbers, addresses, and workplace details, though not all accounts contained complete information. The attacker publicly leaked the data through Pastebin and stashbox.org under the #OpFuckMohammad campaign, citing Islamophobic motivations and claiming infiltration across British institutions. This incident marked a resurgence of activity by the same threat actor, who had previously conducted similar operations targeting the platform.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On February 17, 2014, a hacker operating under the alias "@th3inf1d3l" publicly disclosed a breach of the UK-based website muslimdirectory.co.uk, leaking 38,903 user credentials through online platforms. The attacker announced the compromise via their Twitter account, directing followers to a Pastebin link containing a manifesto, server and database details, and a secondary link to stashbox.org hosting the full dataset. Exposed information included full names, email addresses, plaintext passwords, phone numbers, physical addresses, and place of business affiliations for affected users. The hacker claimed the attack under the banner of #OpFuckMohammad, a campaign they had previously orchestrated, explicitly citing Islamophobic motivations by stating "Islamaphobia in full swing." Server IP address 79.170.44.95 was identified as the compromised infrastructure hosting the Muslim Directory service. Not all compromised accounts contained complete credential sets, though the presence of unencrypted passwords indicated inadequate security practices for password storage.
The leaked data revealed user affiliations with diverse British institutions, including hospitals, financial organizations, and municipal councils, with the hacker asserting that even a small percentage of "non-peace-loving" account holders represented security risks across critical sectors. Forensic analysis of the Pastebin message confirmed the attacker's intent to expose perceived infiltration risks rather than financial motives. No evidence suggested immediate fraudulent use of the credentials, though the plaintext nature of the passwords enabled credential-stuffing attacks against other services. The breach marked a resurgence of @th3inf1d3l's activities after a period of inactivity, aligning with their historical pattern of ideologically motivated attacks. Muslim Directory's operator did not issue a public statement referenced in the source material, leaving mitigation and notification efforts undocumented in available reporting.