Almost 800 Hungarian government email addresses and associated passwords are circulating online, revealing basic vulnerabilities in the security protocols of ministries involved in classified and sensitive work.

A Bellingcat analysis of breach data shows that 12 out of the government’s 13 ministries have been affected, which in some cases have exposed the confidential information of military personnel and civil servants posted abroad. 

Among those affected were a senior military officer responsible for information security, a counter terrorism coordinator in the foreign affairs department, and an employee whose role was to identify hybrid threats against the country.

The revelations come as Hungarians head to the polls this Sunday to decide if Viktor Orbán, leader of the right-wing populist party Fidesz and the country’s longest-serving prime minister, will be elected to a fifth consecutive term.

This is not the first time that deficiencies in the Hungarian government’s IT security have been revealed. In 2022, ahead of Hungary’s last election, Direkt36 reported that Russia’s intelligence services had gained access to the computer network of the Hungarian foreign ministry, including its internal communications channels.

It said Russian cyber attacks against the Hungarian government had been occurring for at least a decade and extended to the foreign ministry’s encrypted network for transmitting classified data and confidential diplomatic documents.

At the time, the foreign ministry denied it had been hacked. But in 2024, news outlet 444 published a letter that had been sent from Hungary’s National Security Service to the foreign ministry six months before the cyberattack was first reported. The letter linked the attacks to Russia and described more than 4,000 workstations and 930 servers as “unreliable”.

As part of this new analysis, Bellingcat identified a total of 795 unique email and password combinations among thousands of search results for Hungarian government domains in breach databases. Key departments that handle the country’s governance, defence, foreign affairs and finances were the worst affected.

The analysis does not include central government agencies that operate under the government’s official ministries and use separate domains, such as the tax and customs administration or the police – meaning breaches affecting government employees could be even more widespread.

The findings are not evidence of high-tech infiltration of Hungarian government systems. Instead, our analysis indicates that the breaches are more likely the result of poor digital hygiene. In many cases, staff used simple passwords along with their government email addresses for what appear to be non-work-related matters, such as signing up to dating, music, sport and food websites.

Some government workers used easy-to-guess passwords such as variations of the word “Password” or the number sequence “1234567”. One employee whose credentials were exposed in the 2012 LinkedIn hack used the password “linkedinlinkedin”. Another, in the defence ministry, used their surname. One leaked password from an employee in the foreign affairs ministry was “embassy13hungary”. 

Multiple breaches also contained phone numbers, addresses, dates of birth, usernames and IP addresses – data that, when exposed, could pose security risks.  

Additionally, a search of breach databases showed instances where computers have been infected with malware designed to steal login credentials. These records show that 97 machines across Hungarian government departments had been compromised, with stealer logs from as recently as last month found in the data.

Bellingcat contacted the Hungarian government’s spokesperson and the Prime Minister’s office, but did not receive a response.

The Weakest Link: Searching Breach Data

Breach databases are large collections of credentials harvested from previous cyber incidents. These databases can be searched by domain to identify email addresses belonging to a specific organisation, company or government. 

Bellingcat used Darkside, a paid service by District 4 Labs, to search the main email domains assigned to each of the Hungarian government’s 13 ministries. 

In total, 795 breaches containing government emails and associated passwords were identified. But most – 641 breaches – were linked to just four central institutions. 

In the examples detailed below, staff have been anonymised. However, Bellingcat has confirmed these accounts are genuine by cross-checking the employees named in the breaches against media reports and online profiles, such as LinkedIn.  

Ministry of Interior – this “super-ministry” oversees everything from health and education to the police, immigration, disaster management and local government 

Bellingcat identified 170 sets of emails and passwords linked to the domain used by the ministry in charge of domestic affairs. Passwords used by staff in this department included “Arsenal” and “Paprika”. Some used passwords that contained only three or four letters. We traced these accounts to professional profiles and government web pages listing both junior and senior staff.

One senior official in the prison service used the password “adolf”. After it appeared in breach databases the password was changed twice – first to a five-digit number and then to what appeared to be the name for a pet dog. The passwords were subsequently breached again. Bellingcat identified this employee through several instances of their name and email address being listed on public-facing documentation, including a press release celebrating an award for outstanding professional work.  

Ministry of Defence – responsible for national defence policy and directing the country’s defence forces

The credentials of staff working for the Ministry of Defence were found in 120 compromised records. This includes a 2023 breach of NATO’s eLearning services which resulted in 42 records containing emails, passwords and phone numbers becoming public.

The breaches peaked in 2021 but continued up to 2026. Included in the data were stealer logs, indicating that machines within the department may have been infected. 

Military personnel from junior ranks to command positions were identified. A Brigadier General used a common six letter nickname, based on his own, to sign up to a film festival. A Colonel specialising in “information security” took inspiration from an English football manager for his password: “FrankLampard”. A district director used the password “123456aA”, while a high-ranking member of Hungary’s delegation to NATO used a password that translates in English to “cute”. 

Ministry of Foreign Affairs and Trade – responsible for international relations, Hungarian embassies and consulates operate under the direction of the department

The credentials of current and former foreign affairs personnel have been exposed in dozens of data breaches from 2011 to February 2026. In total, there were 107 email and password combinations linked to this government ministry. 

Among the staff affected was a deputy head of mission, consuls, diplomats and communications personnel posted in Europe, the Americas and the Middle East. These include a counter terrorism coordinator, an EU spokesperson, and an individual whose role was to identify hybrid threats to Hungary.

Although the breaches peaked in 2020, with emails being found in 42 separate breaches indexed by Darkside, MFA emails have been circulated, often with passwords, in 36 separate breaches since the beginning of 2024. The most recent breaches were in 2026.  

Simple passwords appear to have left Hungary’s foreign affairs ministry vulnerable. In some cases, employees used a password that consisted of their own name and a two digit number. Others appeared to take inspiration from pop culture: “porsche911”, “frogger” and “Batman2013” are examples of real passwords used by staff.

Ministry of National Economy – oversees economic policy and financial strategy, including budget preparation and reducing national debt

Bellingcat’s analysis shows that staff in the Ministry for National Economy suffered 99 breaches. The Ministry of Finance, which was merged into this department in 2025, had suffered 145 breaches.

Among the breached data were the credentials of a deputy state secretary, who used the password “snoopy”. Other staff members used their date of birth or the word “Jelszo” – the Hungarian word for password.

A senior advisor who currently works in the ministry had their credentials breached four times using four different passwords, including “Kurvaanyad1” (roughly translated to “your mother is a wh**e”).

Cybersecurity Not Taken Seriously

Szabolcs Dull, a political analyst and the former editor-in-chief of the independent Hungarian news websites Index and Telex, said the government had failed to prioritise data security. 

“It’s clear from the data breaches that have come to light that government agencies did not take data security seriously,” he said. 

“This suspicion arose even when Russian hackers breached the foreign ministry’s IT system. That is why I believe Hungarian politicians and the public will interpret this new information as a continuation and confirmation of the Russian hacking story.”

Dull added that he was not aware of any investigation having been launched following the 2022 revelations of the Russian hack.

Kata Kincső Bárdos, a cybersecurity expert in Hungary, said it was difficult to understand why stricter controls would not be consistently enforced in government environments handling sensitive data.

She said governments should not only apply baseline rules for passwords – such as that staff use long, unique passwords and multi-factor authentication (MFA) – but also continuously monitor for compromised credentials and suspicious access patterns.

“Without MFA, systems become significantly more vulnerable to common attack methods such as phishing and credential stuffing,” she said. “A single compromised password can provide immediate access to internal systems.” 

Bárdos added that unauthorised access to government systems should automatically trigger incident response procedures, investigation and containment measures.

“It is also important to note that targeting lower-level employees is a well-documented and common tactic,” she said. “Attackers frequently gain initial access through phishing or weak credentials and then move laterally within systems.”

---

Bellingcat’s Ross Higgins and investigative journalist Eva Vajda contributed to this article.

Bellingcat is a non-profit and the ability to carry out our work is dependent on the kind support of individual donors. If you would like to support our work, you can do so here. You can also subscribe to our Patreon channel here. Subscribe to our Newsletter and follow us on Bluesky here, Instagram here, Reddit here and YouTube here.

The post ‘Snoopy’, ‘Adolf’ and ‘Password’: The Hungarian Government Passwords Exposed Online appeared first on bellingcat.

Access to open source visuals of the current Iran conflict, which has spread to many parts of the Middle East, continues to be sporadic. Videos and photos from within Iran trickle out on social media as the Iranian internet blackout hinders the flow of digital communication. 

In past conflicts, satellite imagery has provided a vital overview of potential damage to both military and civilian infrastructure, especially when there are digital black spots or obstacles to on-the-ground reporting. But imagery from commercial providers is becoming increasingly restricted, leaving even those who have access to the most expensive imagery in the dark. 

Shortly after the war in Gaza began in 2023, Bellingcat introduced a free tool authored by University College London lecturer and Bellingcat contributor, Ollie Ballinger, that was able to estimate the number of damaged buildings in a given area. This helped monitor and map the scale of destruction across the territory as Israel’s military operation progressed. 

Bellingcat is now introducing an updated version of the open source tool — called the Iran Conflict Damage Proxy Map — focused on destruction in Iran and the wider Gulf region. 

It can be accessed here.

How it Works

The tool works by conducting a statistical test on Synthetic Aperture Radar (SAR) imagery captured by the Sentinel-1 satellite which is part of the Copernicus mission developed and operated by the European Space Agency. SAR sends pulses of microwaves at the earth’s surface and uses their echo to capture textural information about what it detects. 

The SAR data for the geographic area covered by the tool is put through the Pixel-Wise T-Test (PWTT) damage detection algorithm, which was also developed by Ollie Ballinger. It takes a reference period of one year’s worth of SAR imagery before the onset of the war and calculates a “normal” range within which 99% of the observations fall. It then conducts the same process for imagery in an inference period following the onset of the war, and compares it to the reference period. The core idea is that if a building has become damaged since the beginning of the war, then the “echo” (called backscatter) from that pixel will be consistently outside of the normal range of values for that particular area. Investigators can then further probe potential damage around this highlighted area.

The plot below shows how the process was applied to Gaza and several Syrian, Iraqi and Ukrainian cities. The bars represent the weekly total number of clashes in each place, sourced from the Armed Conflict Location Event (ACLED) dataset. The pre-war reference periods are shaded in blue, spanning one year before the onset of each conflict. The one month inference periods after the respective conflicts  began are shaded in orange. The blue and orange areas are what the tool compares. 

The plot below shows an area with a number of warehouses in Tehran’s southwest. Some of the buildings show clear damage in optical Sentinel-2 imagery (something that has to be accessed outside of the tool via the Copernicus Browser). 

Clicking on the map within the tool generates a chart displaying that pixel’s historical backscatter; the red dotted lines denote a range within which 99% of the pre-war backscatter values fall. In this example, we can see that from March 14 onwards, the backscatter values over this warehouse begin to consistently fall outside of their historical normal range. This could signal that damage has been detected in the area.

Two important aspects of this workflow are that it utilises free and fully open access satellite data, as opposed to commercial satellite services; the second is that it overcomes some key limitations of AI in this domain, the most serious of which is called overfitting. This is where a model trained in one area is deployed in a new unseen area, and fails to generalise. Because we’re only ever comparing each pixel against its own historical baseline, we don’t run into that problem. 

Accuracy

The PWTT has been published in a scientific journal after two years of review.  Its accuracy was  assessed using an original dataset of over two million building footprints labeled by the United Nations, spanning 30 cities across Gaza, Ukraine, Sudan, Syria, and Iraq. Despite being simple and lightweight, the algorithm has been recorded achieving building-level accuracy statistics (AUC=0.87 in the full sample) rivaling state of the art methods that use deep learning and high resolution imagery. The plot below compares building-level predictions from the PWTT against the UN damage annotations in Hostomel, Ukraine. True positives (PWTT and United Nations agree on damage) are shown in red, true negatives are shown in green, false positives in orange, and false negatives in purple. The graphic shows the accuracy of the tool, while also emphasising that further checks on what it highlights should be conducted to draw full conclusions.  

It is important to note that just because the tool may show a high probability of a building or buildings being damaged or destroyed, that doesn’t make it definite. 

It is best to check with any other available imagery — either open source photos and videos that’ve been geolocated by a group such as Geoconfirmed or Sentinel-2 as well as other commercial satellite imagery if it’s up-to-date for the area. At time of publication, Sentinel-2 satellite imagery still offers coverage over the area that the tool focuses on. Other commercial satellite imagery providers have limited their coverage.

What the tool excels at is highlighting and narrowing down areas so that further corroboration or further confirmation can be sought.

Testing the Tool

Using the Iran Conflict Damage Proxy Map, we can spot some of the larger areas of potential damage or destruction that have occurred since the Iran war started. 

Starting from a zoomed-out view of Tehran, there are a few spots that appear with large clusters of high damage probability. Cross-referencing these locations with open source map data from platforms like OpenStreetMap or Wikimapia, we can start finding sites that would make for likely targets – such as military sites.

One example of a potentially damaged site visible in the tool is the Valiasr Barracks in central Tehran, which was struck in the first week of the war. By going to the Copernicus Browser and reviewing the area with optical Sentinel-2 imagery, we can see clear indications of damage at the barracks.

IRGC Valiasr Barracks in Tehran:

A large Islamic Revolutionary Guard Corps (IRGC) compound near Isfahan is another example of military infrastructure that is readily visible in both the Iran Conflict Damage Proxy Map as well as Sentinel-2 imagery. 

IRGC Ashura Garrison in Isfahan:

Air bases have also been a frequent target for U.S.-Israeli strikes in Iran. The Fath Air Base just outside of Tehran, near the city of Karaj, shows the signature of potential damage when using the tool. Checking Sentinel-2 imagery shows damage to multiple large buildings on the northern side of the base.

Fath Air Base in Karaj:

The U.S. has stated that destroying Iran’s “defense industrial base” is also a goal, which makes large areas like the Khojir missile production complex east of Tehran a good location to search with this tool. The tool suggests large clusters of damage on both the eastern and western sides of the complex — near areas where solid propellant is reportedly produced and where other fuel components are reportedly made.

Khojir Missile Production Complex outside of Tehran:

Usage in the Gulf Region

While useful for providing a sense of damaged areas in Iran, the Iran Conflict Damage Proxy Map can also be used to see damage outside of Iran, particularly at sites in the region which Iran has been targeting with drones and missiles.

In the below example at Al Udeid Air Base in Qatar, which hosts U.S. Central Command’s Combined Air Operations Center, there is a notable indication of damage over a warehouse-like building at 25.115647, 51.333125. Checking the same location in Sentinel-2 imagery shows that there does appear to be damage at that warehouse — represented by a large blackened area on the white roof. According to Qatar’s Ministry of Defense, at least one Iranian ballistic missile struck the base in early March.

Al Udeid Air Base in Qatar:

Civilian sites struck by Iranian drones or missiles are also visible in the tool — though the damage has to be fairly large in order to be picked up. Something like damage to the sides of high rise buildings from an Iranian drone attack doesn’t readily appear in the tool. Sites that do appear are places like oil refineries, such as a fuel tank at Fujairah port in the United Arab Emirates. 

Fuel tanks at Fujairah Port, UAE:

Accessing the Tool

It’s important to keep in mind that the data for the Iran Conflict Damage Proxy Map is updated approximately one or two times per week as new satellite data is collected by the Sentinel-1 satellite, so it’s not meant to be a representation of real-time damage to buildings. 

Still, it can be useful for researchers to quickly gain an overview of damage throughout Iran and the Gulf where suspected strikes may have taken place and when there is no other open source information available.

You can access the Iran Conflict Damage Proxy Map here.

Similar tools using the same methodology to assess damage in Ukraine following Russia’s full-scale invasion and Turkey following the 2023 earthquake can be found here. The Gaza Damage Proxy Map can be found here. 

---

Bellingcat’s Logan Williams contributed to this report.

This article was updated on April 7, 2026, to note that Sentinel-1 and Sentinel-2 are part of the Copernicus mission developed and operated by the European Space Agency.

Bellingcat is a non-profit and the ability to carry out our work is dependent on the kind support of individual donors. If you would like to support our work, you can do so here. You can also subscribe to our Patreon channel here. Subscribe to our Newsletter and follow us on Bluesky here, Instagram here, Reddit here and YouTube here.

The post When Satellite Imagery Goes Dark: New Tool Shows Damage in Iran and the Gulf appeared first on bellingcat.

Bellingcat has identified several high-profile incidents where authorities in the United Arab Emirates have downplayed damage, mischaracterised interceptions and in some instances not acknowledged successful Iranian drone strikes on the country.

A review of official statements shows that the public account does not always align with what can be observed through open sources. This comes as the UAE faces sustained aerial attacks on civilian and economic infrastructure, challenging its image as a secure global hub for business and tourism. Hours after the United States and Israel launched coordinated attacks on Iran on Feb. 28, the Islamic Republic responded by launching an attack against US-allies in the region including the UAE. 

In the wake of the attacks, the UAE’s attorney general warned that publication of images or videos of strikes was illegal. People were also encouraged to report anyone sharing photos or videos of the strikes to authorities. 

The country’s attorney general has ordered the arrest of 35 people and said they would face an expedited trial for “publishing video clips on social media platforms containing misleading, fabricated content and content that harmed defence measures and glorified acts of military aggression against UAE.” Separately police in Abu Dhabi reported they had arrested just over 100 people on suspicion of filming incidents related to Iran’s attacks on the UAE and sharing misleading information online.

Bellingcat contacted the Dubai Media Office, the Fujairah Media Office as well as the UAE’s Ministry of Defence to understand how statements are put out and how distinctions are made between successful drone strikes and damage caused by debris. We did not receive a response by the time of publication.

“Spreading Rumours is a Crime”

During the first days of the conflict several videos were posted on social media, primarily on X, TikTok and Telegram showing footage of Iranian attacks and interceptions across the UAE. 

Around the same time the Dubai Media Office, the X account of the Government of Dubai’s press office, warned followers that legal action would be taken against those sharing “unverified material”.

 The X account of the Dubai Media Office has more than 2.3 million followers making it one of the largest state-run accounts in the country. 

“The public and media are urged to rely solely on official sources for accurate information and refrain from sharing unverified material,” the account posted.

Dubai Police issued similar warnings on social media, stating that sharing content that contradicts official announcements could lead to imprisonment of at least two years and fines of no less than 200,000 dirhams (approximately $55,000).

Despite authorities urging the public to rely on official sources only, Bellingcat found that some of the videos posted online as well as satellite imagery from the region contradicts a number of official accounts of high-profile attacks. For this piece we have only included links to videos that have already been widely published in mainstream news outlets, posted by professional journalists, or have been widely viewed on social media.

Successful Interceptions?

On March 3, a video filmed from a vessel appears to show a drone striking the port of Fujairah, one of the UAE’s most strategically important energy hubs. The port handles roughly 1.7 million barrels of oil per day and is among the world’s largest.

The drone appears to approach its target intact, with no visible sign of interception, Sam Lair, a researcher at James Martin Center for Nonproliferation Studies, told Bellingcat. 

Moments after it descends behind storage tanks, an explosion is heard and a large plume of smoke rises from the site.

On the same day, the Fujairah Media Office stated that a fire resulted from debris following a successful interception, adding that the fire had been brought under control. Satellite images captured on March 4 and 5 show thick black smoke rising from the site. NASA FIRMS data also detected fires on March 3, March 4 and March 5. By March 7, satellite imagery shows at least three storage tanks fully destroyed (25.184565, 56.345481).

Detained in Dubai, a group that provides legal advice to people detained in the UAE, said that a Vietnamese national who filmed the strike on Fujairah port had been detained by authorities after posting the footage online. 

Authorities made a similar report on March 1, stating that a fire at one of the berths of Jebel Ali Port was caused by debris from an aerial interception. Satellite imagery from the same day shows fires at two separate locations – approximately 3 km apart – within the port. One appears to be a central facility associated with fuel handling operations, connected via pipelines to surrounding storage tanks (25.00704, 55.07499). The other is a large structure (24.97953, 55.05204) in the military area of the port, which is one of the US Navy’s busiest ports in the Middle East. The New York Times previously identified an Iranian strike as the cause of the fire at the site. 

Burj Al Arab: A “Limited” Fire

Damage at Dubai’s Burj Al Arab Hotel was attributed by the Dubai Media Office to “shrapnel” from an intercepted drone and described as a “limited” fire. However, footage shows the fire extended to approximately 30 metres in height, covering approximately eight floors of the building, suggesting a far more significant incident than officially described.  

Lair told Bellingcat that the damage appeared more consistent with a direct impact. He added that if the damage had resulted from an interception it would have occurred irresponsibly close to the building.

Fairmont The Palm: Omission of Cause

On Feb. 28, the Fairmont hotel in Dubai’s Palm Jumeirah area was struck by a drone, as shown in footage verified by Bellingcat.

However the Dubai Media office did not confirm a strike took place, instead they stated  only that an “incident occurred in a building in the Palm Jumeirah area,” and urged the public not to share footage.

One video of the fire was shared by a Dubai-based Bloomberg journalist. In the replies to the journalist’s post, multiple users tagged the Dubai Police, a pattern seen across posts documenting the strikes, in an apparent effort to flag violations of the cyber-crime laws to authorities.  

The aftermath of the strike was also captured by a content-creator who has since left the UAE. 

Radha Stirling, founder of Detained in Dubai, told Bellingcat at least five people have been confirmed by the British embassy to have been charged and detained under the UAE’s cybercrime law in connection with documenting this strike. According to Stirling, authorities have sought access to individuals’ phones following incidents to determine whether they filmed or shared footage.

“Even just taking a photo is illegal, it’s illegal to share content that the government deems negative, even in a private message,” Stirling said.

Dubai International Airport: An Unacknowledged Strike

On March 7, the Dubai Media Office announced the temporary suspension of operations at Dubai International Airport, stating only that a situation was being handled under safety protocols. 

Footage that emerged online around the same time, and was verified by Bellingcat, shows a drone strike next to an airport terminal building (25.24165, 55.37498).

Stirling told Bellingcat that she has been in contact with a cabin crew member who was detained after sending an image to colleagues of Dubai airport after an explosion. 

Warda Complex: A Direct Hit

On March 1, a drone struck a residential apartment on the 19th floor of the Warda complex in Dubai (25.004320, 55.293164). Two videos filmed from different angles show the drone hitting the building directly, with no visible sign of interception. In one clip, filmed inside the apartment, a British resident says: “We’ve just been hit by a drone… I didn’t even finish my cup of tea.”

The footage shows relatively limited damage and no explosion, indicating the drone did not detonate. However, the incident appears to show a direct hit by an Iranian drone.

In contrast, statements published the same day by the Dubai Media Office describe air defence activity and attribute sounds heard across the emirate to successful interception operations. Bellingcat was unable to find any acknowledgement of a direct hit in UAE media.

These cases point to a gap between official accounts and observable evidence, raising questions about how incidents are being presented to the public.

Influencers and Narrative Control

At the same time, pro-government messaging has proliferated online. A number of near-identical videos posted by influencers promoting the UAE’s safety and leadership appeared, often using the format: “You live in Dubai, aren’t you scared?” followed by images of UAE leaders and the response: “No, because I know who protects us.” 

Analysis by the BBC found that some of these videos were uploaded within seconds of each other, suggesting coordinated activity.

Stirling told Bellingcat that influencers in the UAE, who require licences to operate, are often paid to promote official narratives. “They are seen as an asset,” she said, describing them as “almost an extension of the government.”

As of April 1, UAE media reported that a total of 12 people had been killed and 190 injured by strikes since the beginning of the war.  

“People are dying. It’s not as safe as the government is reporting. It’s not as safe as influencers are reporting. It’s like a dream narrative that you wish was true.” Stirling said.

Bellingcat also identified a number of incidents in which authorities reported deaths or injuries caused by “debris” following “successful interceptions”. In these cases, however, we were unable to identify supporting photo, video, or other independently verifiable evidence to corroborate the official account.

Notably, fewer videos of such incidents appear to have emerged online in recent weeks, likely as public awareness of detentions under the cyber-criminality law has increased.

Jonathan Dagher, head of the Middle East desk at Reporters Without Borders told Bellingcat that the UAE government was using the Iran war to further restrict independent reporting in the country. 

“When the conflict began, the government stepped up this repression, explicitly prohibiting the public (including journalists) from publishing photos or information related to the strikes, and encouraging the public to report on such incidents.”  

He added that legitimate concerns about national security should not infringe on the public’s right to information. 

“Broad and loosely worded bans on covering events, in the name of security, violate this right and expose journalists to arrest and violence.”

Bellingcat contacted the Dubai Media Office, the Fujairah Media Office as well as the UAE’s Ministry of Defence to understand how statements are put out and how distinctions are made between successful drone strikes and damage caused by debris. We did not receive a response by the time of publication.

Lana Nusseibeh, a representative of the UAE’s Foreign Ministry previously told the BBC: 

“In order for everyone to feel safe it’s important at this time that the information is credible and the sources are reliable. That is the basis of the legislation that has come into play in this State, which is obviously a tense time.” 

She added that her advice for residents, citizens, tourists and journalists in the UAE was to: “Follow the guidelines. The guidelines are there for your safety and for your protection.” 

---

Merel Zoet contributed to this report.

Bellingcat is a non-profit and the ability to carry out our work is dependent on the kind support of individual donors. If you would like to support our work, you can do so here. You can also subscribe to our Patreon channel here. Subscribe to our Newsletter and follow us on Bluesky here, Instagram here, Reddit here and YouTube here.

The post The War You’re Not Allowed to See: How the UAE Rewrites the Story of Iranian Strikes appeared first on bellingcat.