Analysis of Yemen Cyber Army data dump

Earlier today, I noted that the Yemen Cyber Army (YCA) had dumped another 1,000,000 records they obtained by hacking the Saudi Ministry of Foreign Affairs. This latest dump is visa data.

Here’s a bit of a summary of the newest data:

The compressed file is 73.4 MB; uncompressed, it’s one text file of 362 MB.
The total count of records is 990,584.

Most of the addresses are from the U.S. and U.K.

As noted earlier, there are numerous fields in the database, and inspection reveals that there was partial or complete information for all fields.

@Cyber_War_News, who parsed and analyzed the data dump, was able to confirm the following types of data were in the data dump: home and business addresses, business names, Passport IDs, creation dates, basic sponsor details, first and last names, and other non-critical information.

As noted in my previous post, the table format was:

VDM_ID,

vdm_visa_visakind,
VDM_EMBASSY_CODE,
VDM_VISA_NUMBER,
VDM_VISA_ISSUE_DATE,
VDM_VISA_JOB_OR_RELATION,
VDM_SPONSER_NAME,
VDM_SPONSER_NUMBER,
VDM_SPONSER_ADDRESS,
VDM_SPONSER_PHONE_NUMBER,
VDM_ENTERED,
VDM_VERIFIED,VDM_PRINTED,
VDM_PERSON_NAME,
VDM_EMBASSY_VISA_NUMBER,
VDM_EMBASSY_VISA_DATE,
VDM_NAME_OF_SERVICE_COMPANY,
VDM_BORDER_NO,
VDM_VISA_JOB_CODE,
VDM_BL_FLAG,
VDM_INTERVAL,
VDM_NATIONALITY,
VDM_APP_NO,COMPANY_ENTER_APP,
Moatmr_Iqama_Period,
Omra_Foreign_Company,
VDM_HAJJ_ADMIN,
VDP_PERSON_NAME_ARABIC_FIRST,
VDP_PERSON_NAME_ARABIC_FATHER,
VDP_PERSON_NAME_ARABIC_GRAND,
VDP_PERSON_NAME_ARABIC_FAMILY,
VDP_PERSON_NAME_ENGLISH_FIRST,
VDP_PERSON_NAME_ENGLISH_FATHER,
VDP_PERSON_NAME_ENGLISH_GRAND,
VDP_PERSON_NAME_ENGLISH_FAMILY,
VDP_PERSON_BIRTH_PLACE,
VDP_PERSON_BIRTH_DATE,
VDP_PERSON_SEX,
VDP_PERSON_SOCIAL_STATUS,
VDP_PERSON_RELIGION,
VDP_PASSPORT_NUMBER,
VDP_PASSPORT_ISSUE_DATE,
VDP_PASSPORT_ISSUE_PLACE,
VDP_PASSPORT_EXPIRY_DATE,
VDP_PASSPORT_TYPE,VDP_MAHRAM_NAME,
VDP_MAHRAM_RELATION,
VDP_ARAB48,
VDE_KSA_ENTRY_POINT,
VDE_VALIDITY_RESIDENCY_IN_KSA,
VDE_VALIDITY_BEFORE_FLIGHT,
VDE_VALIDITY_NUMBER_OF_ENTRIES,
VDE_VALIDITY_COMING_THROUGH,
VDE_NAME_OF_SERVICE_COMPANY,
VDE_EMBASSY_ORDER_NUMBER,
VDE_EMBASSY_ORDER_DATE,
VDe_car_number,vde_prpose,
vde_sau_c,
VDE_HMLA_NAME,
vdp_person_address_home,
job_rec_number,
visa_print_date,
visa_Receipt_date,
visa_senddatae,
vuserid,
vdm_deleted,
vdm_print_file,
VDM_VISA_STATE,PERSON_ID,
VDM_OWNER,
hjid,
VisaControlTransFG,
Arc_fg

Thanks to @Cyber_War_News for the details!

About the author: Dissent