“Your actions will cost you a heavy price,” the group said in a string of ominous messages on the messaging app, sharing screenshots of server login credentials, the names and details of employees as well as the personal details of Tirana residents.
Albania has been the headquarters of the People’s Mojahedin Organization of Iran, better known as Mojahedin-e-Khalq, or MEK, since 2013 when the U.S. government requested that a camp be built to host the exiled opposition group that participated in the overthrow of the Shah of Iran and then clashed with the Revolutionary Guard.
A special-purpose camp was built in Manëz, and was visited by U.S. officials including then-Vice President Mike Pence. In 2023, Albanian police raided the camp after receiving information that a unit of the Iranian Quds Force was operating there and trying to subvert it.
The capital’s website remained down Saturday afternoon and the server outage could cause disruptions across transportation services, the issuance of passports and licenses — and expose the sensitive personal data of nearly 800,000 Tirana residents.
“The past 10 to 12 years have shown that public institutions are easily hackable and that the Albanian government has not appreciated the issue of cybersecurity at all,” said Edmond Liçaj, a cybersecurity expert.
Liçaj said Albania has a “criminally low” sensitivity to the seriousness of personal data leaks. Such leaks are still seen as little more than “routine annoyances,” he said, despite the government’s push to digitalize its services as the current EU membership frontrunner in the Balkans.
