For Irancell Subscribers:
For Security Teams:
If you have stumbled upon the search term “Irancell Database Zip Download” , you are likely looking for a compressed file containing customer information belonging to Irancell, one of Iran’s leading mobile network operators. Before you click on any suspicious link or Telegram channel, it is crucial to understand what this data represents, why it is being circulated, and the severe legal and ethical risks involved.
In this long-form article, we will dissect the anatomy of this search query, examine why such databases appear online, analyze the potential contents of these files (real or fake), and outline the legal landscape in Iran regarding data privacy.
Many people search out of simple curiosity, not realizing that downloading such a file—even without using it—can be a criminal act.
, a new breach was reported involving a subscriber database for MTN Irancell Data Format : The dataset was reportedly distributed in CSV format
rather than a single zip file, though it is often archived in zip format for easier transfer.
: The leak allegedly contains sensitive personal information, including: Personally Identifiable Information (PII) : Full legal names and National ID numbers. Communication Metadata : Active mobile numbers (MSISDN). Availability : The threat actor distributed the data at no cost , which accelerated its exploitation by malicious parties. 2025 Alleged Sale Reports from December 2025
indicated a separate massive database belonging to Irancell was put up for auction on dark web forums. : The dataset purportedly contained records for 10 million subscribers Detailed Information
: Beyond basic phone numbers, this leak reportedly included: SIM card details : ICCIDs and phone numbers. Personal addresses
: Full names, postal codes, physical home addresses, and workplace addresses. 2016 Historical Breach Irancell Database Zip Download
The most famous instance of an "Irancell database" leak occurred in
, involving a database that had actually been stolen years prior. The @MTNProBot Incident
: A Telegram bot surfaced that allowed users to input an Irancell number and receive the owner's personal details, including national code and postal code. : Information for approximately 20 million users
(roughly 75% of the subscriber base at the time) was exposed. Official Response
: Iranian officials stated the data had originally been leaked roughly 2.5 years before the bot made it publicly accessible. Security Risks
Downloading or searching for "Irancell database zip" files often leads to significant security risks: Malware Risks
: Files advertised as leaked databases on unofficial sites frequently contain malware or info-stealer viruses Social Engineering
: Scammers use these databases to conduct targeted phishing or social engineering attacks using the leaked PII. Legal Implications
: In Iran, distributing or accessing such stolen data is illegal and has previously led to arrests of those responsible for dissemination. ICT Minister: Leakage Of Irancell Database Nothing New
, Iran's second-largest mobile operator, has been the subject of several major data breaches, with the most recent high-priority alerts occurring in early 2026 For Irancell Subscribers:
. These incidents typically involve the exfiltration of subscriber data, which is then advertised or sold on dark web hacker forums, often in compressed formats like Recent and Historical Breaches February/March 2026 Leak : A major data dump reportedly exposed nearly 60% of Irancell’s active subscriber base
. The leak followed a nationwide internet blackout and involved a database in a legacy Microsoft Access (MDB) format, suggesting an exfiltration from older backend systems or unsecured backups. December 2025 Alleged Sale
: A dataset purportedly containing sensitive personal information of 10 million subscribers was auctioned on a hacker forum. 2016 Massive Breach
: One of the largest breaches in Iranian history involved the loss of personal information for 20 million customers . This data was famously distributed via a Telegram bot @MTNProBot
, which allowed users to retrieve names and addresses by entering a phone number. Data Included in the Leaks
The compromised information typically includes high-risk Personal Identifiable Information (PII): Subscriber Details : Full names, National IDs (Melli codes), and customer IDs. Contact & Location
: Mobile and landline numbers, physical home addresses, workplace addresses, and postal codes. Technical Identifiers : SIM card details such as Legal and Security Risks of Downloading
Attempting to find or download a "zip" of these databases carries significant risks: Legal Violations
: In many jurisdictions, including the US and EU, downloading or possessing stolen data is . It can violate the Computer Fraud and Abuse Act (CFAA)
and general data protection regulations like GDPR, which classifies leaked datasets as "high-risk" by default. Malware Infection For Security Teams: If you have stumbled upon
: Files advertised as "database leaks" on hacker forums or suspicious websites are frequently used as bait to deliver info-stealing malware or backdoors to the downloader's system. Targeted Fraud : The data is often used by criminals for SIM swapping
attacks, identity theft, and targeted "doxing" of government employees or activists. Recommended Mitigation for Users If you suspect your data may be included in such a breach: Change Passwords : Immediately update your Irancell portal passwords. Enable MFA
: Use app-based Multi-Factor Authentication (e.g., Google Authenticator) rather than SMS-based codes, which can be bypassed via SIM swapping. Stay Vigilant
: Be wary of unsolicited calls or messages from "Irancell Support" asking for verification codes or National ID details.
Brinztech Alert: The Alleged Database of Irancell is on Sale
Assuming, for academic discussion, that a genuine leak occurred, the structure of the Irancell_Database.zip would likely resemble the following:
| Column Name | Sample Data | Risk Level |
| :--- | :--- | :--- |
| full_name | Ali Reza Mohammadi | Medium |
| national_id | 1234567890 | Critical |
| phone_number | 0912-123-4567 | Critical |
| sim_type | Permanent / Etemami | Low |
| registration_date | 2023-01-15 | Low |
| province_city | Tehran, District 5 | Medium |
With the National ID and phone number, a hacker can attempt to:
Even if you ignore the legal threats, consider the practical dangers:
You find a link on a forum or Telegram channel. The file name is something like Irancell_Full_DB_2024_By_HackerX.zip. You download it, but it requires a password. The poster asks you to pay 0.1 Bitcoin or complete a sketchy survey to get the password. This is a classic bait-and-switch. The file contains nothing but a text file advertising other scams or, worse, malware.
Irancell (officially Irancell Telecommunications Services Company) is the second-largest mobile operator in Iran. As a licensed provider, it collects Personally Identifiable Information (PII) from millions of subscribers. This data typically includes:
A "database" in this context refers to a structured collection of this information, usually stored in SQL, CSV, or Excel formats. A “Zip download” simply means the file has been compressed to reduce size for easy sharing on peer-to-peer networks, cloud drives, or messaging apps like Telegram.