Cyber Incident Victim: Al Zahra Private Medical Centre
Date:
Aug 2016
Location:
United Arab Emirates
Summary
Al Zahra Private Medical Centre in the UAE experienced a website breach by a hacker known as "websites-hunter," who publicly disclosed the incident to expose inadequate security practices. The compromised data included over 4,400 job applicant records containing names, contact details, and resumes, alongside 644 patient feedback entries with personally identifiable information and sensitive medical details such as treatment reasons and insurance challenges. The attacker’s intent centered on highlighting security vulnerabilities, though the specific method of intrusion remained unidentified. At the time of reporting, the medical center had not publicly acknowledged the incident or provided confirmation of the breach despite notification attempts.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On or around August 31, 2016, an individual using the alias "websites-hunter" compromised the web systems of Al Zahra Private Medical Centre, a United Arab Emirates-based outpatient facility operating under the Gulf Medical Projects Company. The attacker publicly announced the breach on Twitter and Pastebin on August 31, claiming unauthorized access to the center's data repositories. Analysis of the sample data provided by the hacker revealed two primary compromised datasets containing sensitive information. The first was a spreadsheet documenting job applicants spanning July 2011 to July 2016, containing 4,400 records with names, professional titles, email addresses, mobile numbers, application messages, and resume attachment statuses. The second dataset consisted of 644 patient feedback entries recorded between April 2011 and July 2016, which included visit dates, patient names, email addresses, mobile numbers, nationality data, and detailed medical service comments. These feedback entries explicitly referenced patients' medical treatment reasons, insurance challenges, and other clinically sensitive disclosures, significantly elevating the privacy implications beyond basic contact information exposure.
No public acknowledgment of the incident appeared on Al Zahra Private Medical Centre's website following the breach disclosure. DataBreaches.net attempted to notify the organization through its web contact form on September 5, 2016, seeking confirmation of the intrusion, but received no immediate response according to available records. The attacker's Twitter profile explicitly stated an intent to expose and embarrass entities with inadequate cybersecurity measures, though the specific intrusion methodology remained undocumented in public reporting. The compromised data's five-year temporal scope exposed both current and former patients and job seekers to potential identity theft, medical privacy violations, and targeted social engineering attacks. The inclusion of nationality data in patient records introduced additional risks of discriminatory targeting or profiling. Forensic details regarding intrusion detection timelines, containment measures, system remediation, or victim notifications were not verifiable from publicly available sources at the time of initial reporting.