Iranian Intelligence-Linked cybersecurity academy suffers data breach exposing student records
Learn More
The Ravin Academy, a cybersecurity training institution with ties to Iran's Ministry of Intelligence and Security, repors a data breach that compromised the personal information of more than 1,000 current and former students.
The organization confirmed the security incident in a statement posted to its Telegram channel on October 22, 2025, acknowledging that one of its online platforms had been targeted in a cyberattack.
Ravin Academy presents itself publicly as a cybersecurity education provider offering courses in both defensive and offensive security disciplines. The institution has been subject to comprehensive international sanctions since October 2022.
Ravin Academy did not disclose the nature of the attack apart from characterizing it as an attempt to undermine confidence in Iranian security and damage the reputation of the academy. The stolen dataset was published on a dedicated website. The exposed data includes:
- Names
- Phone numbers
- Telegram usernames
- National ID numbers (in certain cases)
- Details of classes attended (supplied to Gharib but not made publicly accessible)
Investigation into the leaked records revealed that many individuals appearing in the database are associated with academic institutions, with a subset working as professors at Western universities. Individuals often worked or studied in engineering fields including mechanical engineering, electrical engineering, fluid dynamics, and machine learning, though few were directly linked to computer science or cybersecurity disciplines.
