Iranian-linked hacktivist group Nasir Security is claiming a data breach of Yad Vashem, the World Holocaust Remembrance Center in Jerusalem, and has published proof-of-concept files that allegedly include visitor records, donor data, and reservation details for high-profile political figures and heads of state. The claim has not been independently verified, and Yad Vashem had not issued any public statement at time of publication. The post appeared on April 15, 2026 — Holocaust Remembrance Day in Israel.
What the Alleged Proof of Concept Shows
Nasir Security published multiple screenshot files and CSV data exports alongside its claim. The material purportedly originates from Yad Vashem’s visitor management and CRM systems and allegedly includes contact records, reservation details, phone numbers, and VIP visitor designations. Among the records visible in the published files are entries that appear to belong to sitting heads of state and senior political figures from multiple countries, including what appear to be contact details and official government email addresses. BreachNews reviewed the PoC files but is not publishing the names, contact information, or details of any individuals identified in the material.
The published CSV files contain what appear to be donor and visitor records with names and contact details spanning multiple countries. The data structure and field naming conventions are consistent with a Salesforce-based CRM or visitor management platform. The volume and internal consistency of the published files — multiple CSV exports, structured database records, and reservation screenshots — goes beyond what typically accompanies an unsubstantiated claim, though independent verification has not been completed at time of publication.
About Nasir Security
Nasir Security, also known as Nasir Resistance, is an Iran-linked hacktivist group active since October 2025 and believed to have ties to Hezbollah. The group has carried out a series of high-profile breach claims across the Middle East and beyond since the escalation of the US-Israel-Iran conflict in early 2026. BreachNews previously covered the group’s alleged breach of Dubai International Airport, in which Nasir Security published passport photographs, luggage scanner images, and traveler data from one of the world’s busiest aviation hubs — material that independent researchers subsequently assessed as authentic, though the airport itself did not confirm the breach. The group also claimed a breach of the Kuwait Ministry of Interior amid active Iranian strikes in the region.
Security researchers at Resecurity have assessed Nasir Security as a legitimate threat actor operating in the Iranian cyber proxy ecosystem. Resecurity notes the group tends to access larger organizations through supply chain vendors and has a pattern of overstating the scope of its intrusions. Whether the Yad Vashem claim represents direct access or a third-party compromise has not been established.
Timing and Context
The claim was published on Holocaust Remembrance Day, a date that carries significant weight in Israel and internationally. Yad Vashem serves as Israel’s national Holocaust memorial and research institution, housing more than 230 million items of Holocaust-era documentation, art, photographs, and artifacts. The site receives millions of visitors annually including heads of state, diplomatic delegations, and senior officials from across the world, making its visitor and donor database a high-value intelligence target regardless of the group’s stated motivations.
The Yad Vashem claim fits a broader pattern of Iranian-aligned hacktivist operations targeting Israeli and Western institutions that BreachNews has tracked throughout 2026. For background on that campaign, see our profiles on Handala Hack and coverage of the Ababeel Minab attack on Vyncs GPS.
