Overview of Important Threat Intelligence Events Released

-: Information on a senior officer of the Israeli Air Force has been unprecedentedly exposed.

Objective: 50 senior Israeli Air Force officers (including F-16/F-35 pilots, UAV commanders, maintenance supervisors, and air strike planning officials). Leaked content: Full names, ID numbers, military ranks, phone numbers, home addresses, photos, and job details.

Handala Statement: In response to the occupying regime's atrocities against the Palestinian people, it declares that the security wall has collapsed, threatening officers and their families. Immediate Impact: High—significant increase in personal security risks for officers, potentially used for physical tracking or targeted attacks; severe damage to air force operational morale and confidentiality.

-: The payment system was hacked.

Goal: Verifone (POS terminals and payment systems), an Israeli payment solutions provider. Breach/Compromise: Transaction and financial data were fully extracted, causing large-scale disruption to payment systems. Handala Statement: Direct response to the Zionist regime's airstrikes on banking infrastructure, warning cooperating enterprises of more severe consequences. Immediate Impact: Medium to High—Financial transaction disruptions may affect Israel's retail and international payment chains; risk of data theft persists.

. -: (Head of the Iran Desk at the Israeli Security Agency) Email was hacked.

Objective: Raz Zimmt (Head of the Iran Desk at the Institute for National Security Studies, Israel). Leaked Content: Over 50,000 confidential emails, including a $300,000 monthly Mossad budget, plans for internal sabotage in Iran, blueprints for Operation Reza Pahlavi, maps of secret Iranian sites, and a list of all Iranian collaborators. Handala Statement: Overnight destruction of networks built over many years, declaring the end of the era of covert operations. Immediate Impact: Extremely high—Iran-related intelligence networks completely exposed, collaborators likely to be arrested; Mossad's strategic planning for Iran paralyzed.

. -: (Former Director, Executive Director of the Israel Institute for National Security Studies) Email compromised

Objective: Tamir Hayman (also mentions Amos Yadlin, Sima Shine, etc.). Leaked Content: 50,000 confidential emails and strategic dialogues. Handala Statement: Satirical retaliation for their past actions, mocking their national security responsibilities. Immediate Impact: High—exposure of internal communications and strategic planning within Israel's top intelligence echelons, leading to a collapse of leadership credibility.

-: Hebrew University of Jerusalem Hacked

Objective: Hebrew University (huji.ac.il) full servers. Destruction/Leak: 48TB of critical data permanently erased (education, research, finance, etc.); an additional 23TB of sensitive data extracted (personal information, emails, archives of hundreds of thousands of students and staff). Statement: Quds Day operation, declaring "you bomb, we hack"; Jerusalem is no longer safe either. Immediate Impact: Extremely high—university operations completely disrupted, large-scale leakage of academic and personal data, potentially usable for subsequent social engineering or physical threats.

-: The identity of a senior Israeli naval officer has been completely exposed.

Objective: 50 senior Israeli naval officers. Leaked content: Full details including names, photos, ranks, home addresses, personal phone numbers, etc. Proof/Link: handala-redwanted.to. Handala Statement: Serving to close the Strait of Hormuz, warning of the end of the era of anonymity, threatening their families and international partners. Immediate Impact: High – direct threat to the personal and family security of senior naval personnel; loss of confidentiality in maritime operations.

. -: (Former Deputy Director of Strategic Planning, current Deputy Director) was compromised.

Goal: Laura Gilinski and INSS (Institute for National Security Studies). Leaked Content: Over 100,000 top-secret emails; complete database of INSS experts/agents (including residential and office addresses); records of $149 million in Mossad black funds from 2012 to 2026. Handala Statement: Exposed INSS's anti-Iran projects; the database has been added to the missile strike target list. Immediate Impact: Extremely high—Mossad/INSS financial and personnel networks fully exposed; blueprints for anti-Iran operations made public.

. -: (Former Deputy Director, Head of Iran Desk) Email compromised

Objective: Sima Shine (currently the head of Israel's most secretive intelligence agency). Leaked content: Over 100,000 top-secret emails (including records of anti-Islamic/anti-Shiite conspiracies and surveillance on Handala). Handala statement: Humiliates Mossad's reputation and exposes its anti-Islamic conspiracies. Immediate impact: Extremely high—complete exposure of Mossad's core intelligence personnel and institutional operations.

-: Medical Technology Company Suffers Data Wipe

Goal: American medical technology giant Stryker (200,000+ critical systems). Damage: 12PB (12,000TB) of data permanently erased within hours. Evidence: Screenshots of the operation are attached to the page. Handala Statement: No defense wall can stop them; they claim to continue targeting others. Immediate Impact: Extremely high—core corporate data completely lost, potentially affecting the global medical supply chain (though not within Israel itself, it constitutes retaliatory cross-border strikes).

. -: (Former Budget Director, Current Chief Financial Officer) "Secret Treasury" Exposed

Objective: Ilan Steiner (Mossad Research and Analysis Wing). Leaked Content: Over 50,000 confidential emails and documents (including secret project funding, infiltration groups, propaganda networks, sponsor identities, and transfer channels). Handala Statement: This is just the beginning, and it will compel global accountability. Immediate Impact: Extremely high—complete collapse of Mossad covert financial and operational networks.

-: The member list of the channel (formerly " ") has been leaked.

Goal: Iranian channel Vahid Online with 180,000 members. Leaked content: Complete member list and mobile phone numbers. Handala statement: Mockingly renamed as Vahid Offline from now on. Immediate impact: Medium – Privacy exposure of members in a pro-regime channel within Iran, potentially used for social engineering or internal division (slightly deviating from the theme of Israeli attacks, indicating Handala may also target internal enemies).

Overall Threat Intelligence Analysis Activity Timeline and Scale: Within just 9 days from March 9 to 17, 2026, Handala launched 11 public attacks, forming a dense combination of intelligence gathering, disruption, and intimidation. The early phase focused on military doxxing (Air Force/Navy), the mid-phase shifted to Mossad/INSS senior email accounts (with an emphasis on Iran-related targets), the later phase expanded to academic (university data wiping) and commercial sectors (Verifone, Stryker), and ultimately even involved internal Iranian targets.

Tactical Approach:

Email Leak (5 incidents): 50K–100K confidential emails, password uniformly handala, distributed via Storjshare. Doxxing (2 incidents): Officers' personal information posted on redwanted.to, explicitly threatening physical security. Data Erasure (2 incidents): 48TB university data + 12PB Stryker data, emphasizing permanent destruction. Financial/Payment Disruption (1 incident): Verifone targeted as direct retaliation for airstrikes.