The Albanian Parliament announced late Tuesday that it had been hit by a cyberattack, as a result of which some of the data in several user accounts of administration employees was deleted.
"The preliminary technical assessment indicates that this could be a sophisticated cyber attack, which aimed to delete data and compromise several internal systems," the Parliament's announcement states.
The parliament did not say where the attack came from, but earlier in the day a hacker group, identified as Homeland Justice, claimed responsibility for the attack and stressed on its Telegram account that "we will not let supporters of MEK terrorists sleep peacefully for a moment."
MEK, or Mojahedin-e-Khalq, is an Iranian opposition group also known as the People's Mujahedin Organization of Iran and has long been sheltered in Albania.
Homeland Justice is a Russian-sponsored website that appeared before the cyberattacks on the state portal e-Albania, in mid-July 2022.
According to Microsoft's analysis, a group affiliated with the Iranian government is behind the website, which is responsible for the cyber attack.
This group of hackers has previously carried out cyber attacks against several institutions in Albania.
Monday's cyberattack comes at a time when security concerns have increased in Albania after Iran launched retaliatory attacks on countries where American military bases exist immediately after the United States and Israel began bombing Tehran on December 28.
In the past, Homeland Justice has published personal data of Albanian citizens and stated that the cause of the cyberattacks is related to Albania's decision to shelter the Iranian opposition in the Manza camp.
Meanwhile, initial investigations into the March 10 attack have shown that the institution's core work infrastructure was not affected, he said.
It is also announced that the official website of the Parliament and other systems that support the institution's activities continue to operate normally.
After the incident was noticed, measures were taken to neutralize the attack, while technical teams are working to recover deleted data from user accounts, the Assembly emphasized.
The hacker group published some of the hacked documents on March 10.
The Assembly said that after the attack, "technical support was also offered by international partners, with whom communication is continuing to assess the situation and further steps."
It has also set up a joint technical and investigative team to uncover the source of the attack and restore the affected data.
