Tirana City Hall hit by cyberattack, Iranian hacker group claims responsibility

Tirana City Hall hit by cyberattack, Iranian hacker group claims responsibility

Tirana’s official municipal website has been offline since early Friday morning, the result of a cyberattack allegedly carried out by the Iranian hacker group “Homeland Justice.” The group, which has previously targeted Albanian government infrastructure, claimed responsibility in a video posted on the messaging platform Telegram.

Why is this important: The breach raises renewed concerns about Albania’s cybersecurity vulnerabilities, particularly in the wake of a series of high-profile attacks in 2022 by the same group, that is allegedly sponsored by the Iranian Ministry of Intelligence and Security, that led the Albanian government to cut diplomatic ties with Iran in retaliation. Homeland Justice says it has gained control over the city’s digital infrastructure, extracted data, and wiped servers.

Context: Municipal staff have reportedly faced difficulties accessing official emails and internal systems throughout the day. While there has been no formal statement from the Municipality of Tirana, law enforcement sources confirmed that the Cybercrime Unit of the State Police has launched an investigation to assess both the scope and timeline of the intrusion.

Background: Homeland Justice became publicly known in 2022 after claiming responsibility for multiple attacks on state portals, including the websites of Parliament, INSTAT, and several public service platforms. Those attacks prompted Albania’s government to sever diplomatic relations with Iran and expel its diplomatic mission.

The latest breach—targeting a major local institution rather than a national platform—suggests a possible evolution in tactics, aiming to exploit weaker local-level defenses or send a political message through symbolic targets.

What’s next: As digital forensic teams investigate, questions are mounting over the level of access gained and the integrity of any potentially compromised data. Experts warn that the growing frequency of such attacks underlines the need for deeper investment in cybersecurity measures across all layers of government.


Go deeper