VERIFIED · ANONYMIZED · ACTIONABLE

Saudi Cyber Case Study Hub

Real Saudi cyber incidents — anonymized — with lessons learned & framework violations

6 CASES 2022–2024 SAMA · NCA · PDPL

6Cases shown

3Critical

3High

SAR 200.5MTotal impact

🔒 ANONYMIZED 🏦 Banking CRITICAL

2023

Major Saudi Bank — Insider Ransomware Attack

A privileged IT administrator at a top-tier Saudi bank used elevated credentials to deploy ransomware across 12 servers before resignation. The attack encrypted customer transactio...

SAMA CSFPDPLISO 27001

SAR 8.5MFinancial impact

340,000Records

Read Analysis →

🔒 ANONYMIZED 💳 Fintech HIGH

2023

Fintech Startup — API Key Exposed on GitHub

A developer at a Riyadh-based payment fintech accidentally pushed production API keys and database credentials to a public GitHub repository. The credentials were scraped by automa...

SAMA CSFPDPL

SAR 1.2MFinancial impact

85,000Records

Read Analysis →

🔒 ANONYMIZED 🏛️ Government CRITICAL

2022

Government Ministry — Supply Chain Compromise

A state-sponsored threat actor compromised a software vendor used by multiple Saudi government ministries. The malicious update was installed on 340 government workstations, enabli...

NCA ECCNCA CCCISO 27001

SAR 45MFinancial impact

ClassifiedRecords

Read Analysis →

🔒 ANONYMIZED 🏥 Healthcare HIGH

2024

Private Hospital Group — Patient Records on Misconfigured S3

A private hospital group in Jeddah stored scanned patient medical records in an AWS S3 bucket configured as public. The misconfiguration exposed 290,000 patient files including dia...

PDPLNCA ECCISO 27001

SAR 3.8MFinancial impact

290,000Records

Read Analysis →

🔒 ANONYMIZED ⚡ Energy CRITICAL

2022

Energy Infrastructure — OT Network Lateral Movement

A threat actor gained initial access via a VPN credential stuffing attack on IT systems, then pivoted to the Operational Technology (OT) network through an unsegmented IT/OT bounda...

NCA ECCIEC 62443ISO 27001

SAR 120MFinancial impact

N/ARecords

Read Analysis →

🔒 ANONYMIZED 📡 Telecom HIGH

2023

Telecom Operator — SIM Swap Fraud at Scale

Fraudsters bribed telecom employees to perform unauthorized SIM swaps on high-net-worth customer accounts. Over 3 months, 847 accounts were compromised, enabling attackers to bypas...

NCA ECCPDPL

SAR 22MFinancial impact

847Records

Read Analysis →

📊 Impact Summary

Major Saudi Bank — Insider Ransomwa… SAR 8.5M

Fintech Startup — API Key Exposed o… SAR 1.2M

Government Ministry — Supply Chain … SAR 45M

Private Hospital Group — Patient Re… SAR 3.8M

Energy Infrastructure — OT Network … SAR 120M

Telecom Operator — SIM Swap Fraud a… SAR 22M

⚖️ Most Violated Controls

IAM / Privileged Access 5/6

Network Segmentation 4/6

PDPL Notification 4/6

Backup & Recovery 3/6

Third-party Risk 3/6

Ask ARIA about any case — gap analysis, remediation plan for your org, or compliance assessment against SAMA, NCA, and PDPL.

🔗 Related Resources

⚡ Incident Simulator 📅 PDPL & SAMA Deadlines 🛡️ CVE Database 📋 Security Assessment

Saudi Cyber Case Study Hub

Introduce Yourself

Sign In Required