Hosting & Infrastructure / Web Hosting / Enterprise / Consumer
Israeli web-hosting provider (host of the Atraf LGBTQ platform).
The Breach Risk Index (BRI) is a proprietary 0–100 score rating how dangerous a breach is right now, based on how recently the data has been circulating on the dark web and how valuable it is to attackers.
In October 2021 the Black Shadow group breached CyberServe, ransomed it, and publicly leaked a broad dataset spanning multiple hosted sites, including the Atraf LGBTQ platform and the Machon Mor medical institute. Exposed data (roughly 1.1M records) ranged from relationship and HIV/health information to email addresses and plaintext passwords.
Full threat analysis, exploitation vectors, and principal guidance below.
11 additional sections · verified field analysis · defensive doctrine
1.1M records analyzed
CyberServe was an Israeli web-hosting provider whose customers included the Atraf LGBTQ dating/nightlife platform and the Machon Mor medical institute.
A hosting provider holds its clients' user data, which here spanned LGBTQ dating profiles, medical-institute records, and account credentials stored in plain text.
In October 2021 the Iran-affiliated group Black Shadow breached and ransomed CyberServe, then leaked customer data publicly.
The leak was among Israel's most damaging, exposing LGBTQ individuals and patients to outing and extortion and prompting national cyber-authority involvement.
• Credential stuffing against reused passwords across other platforms | • Identity verification bypass using name + date of birth combination | • SIM swap attacks where phone numbers are present | • Targeted phishing campaigns using exposed email addresses | • Doxxing risk from physical address exposure
A consumer-service breach: contact and account data supports phishing, account takeover and profile enrichment. For a high-profile principal this is targeting-grade, not merely identity-theft-grade: the combination lets an adversary locate, impersonate, or pressure the principal with little additional work.
Motivation: Hacktivism (anti-Israel), extortion
An Iran-affiliated hacking group active around 2020-2021 that breached Israeli organizations and leaked or ransomed their data for political effect, notably the Shirbit insurer (2020) and the CyberServe hosting provider hosting the Atraf LGBTQ platform (2021).
Because being associated with this breach can itself be harmful, we do not confirm whether anyone appears in it to unverified parties. Verify your identity to privately check whether your own data appears in this breach or related indexes.
We will only reveal whether a specific person appears in this breach to that person.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation