INC Ransom Claims Saudi Arabia’s Tatweer Buildings Company Data Breach, Publishes Samples 

Published
Written by:
Lore Apostol
Lore Apostol
Cybersecurity Writer

The INC Ransom hacking group has claimed responsibility for a significant ransomware attack targeting Saudi Arabia’s Tatweer Buildings Company, a key government entity overseeing infrastructure projects in the Kingdom. 

Early indications show that the hackers have published samples of stolen data to substantiate their claims, adding to the growing list of high-profile ransomware incidents targeting critical organizations worldwide.  

Though full details remain under investigation, the INC Ransom group alleges it accessed and exfiltrated sensitive information from Tatweer Buildings Company’s systems. 

INC Ransom publishes samples allegedly proving a TBC data breach
INC Ransom publishes samples allegedly proving a TBC data breach | Source: HackManac on X

Reports suggest that data samples already released by the group include internal documents and potentially critical operational information. 

This incident underscores the evolving tactics employed by ransomware groups, which increasingly apply double-extortion methods—demanding ransom payments not only to unlock encrypted systems but also to prevent the public release of stolen data.  

Tatweer Buildings Company has yet to issue a comprehensive statement on the claimed breach’s scope. If validated, this attack could expose confidential operational strategies.

Saudi Arabia, as a regional leader with ongoing megaprojects under Vision 2030, may be seen as offering attractive targets for cybercriminals motivated by financial or strategic gains.  

Organizations in the region are increasingly navigating threats from ransomware groups like INC Ransom, which are adapting their methods to exploit vulnerabilities across both technical systems and human behavior. 


For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: