The initial panic spread quickly, but the facts behind the incident turned out to be far less dramatic than first believed. Contrary to early fears, the National Land Registry Agency was not the target of a cyberattack. The documents that ended up online weren’t stolen from the agency’s core systems, but rather accessed through external accounts used by notaries to reach public digital platforms.
A group calling itself Jabaroot claimed responsibility on Telegram, posting a collection of files it alleged were proof of a massive government-level data breach. The group described the release as retaliation for what it called Moroccan misinformation about an alleged freeze on Algerian assets. The leaked materials reportedly include property deeds, notarized contracts, and ID documents—tens of thousands of them, according to the hackers.
But according to sources familiar with the matter, the agency’s internal systems were never breached. Instead, the data appears to have been pulled from compromised professional accounts used by notaries. A few login credentials were all it took to access a limited set of documents that were already viewable online through official channels.
This detail makes all the difference. It separates a full-blown cyberattack on state servers from a data leak caused by weaknesses in third-party access points. Notaries are granted secure entry to platforms such as those of the land registry agency or the tax authority to carry out their work. While these connections are essential for daily operations, they also create possible security gaps if those professionals don’t adequately protect their credentials.
What this case really highlights is a broader challenge: how do you secure a digital system when outside users need constant, legitimate access to it? In a decentralized digital landscape, the line between authorized use and accidental exposure can be dangerously thin.
Although the full scope of the breach is still being assessed, one thing is already clear: the damage was limited in scale and didn’t stem from a failure of public infrastructure. Instead, it points to a peripheral weakness—a warning sign for regulated professions that it’s time to double down on digital security.
