Cyber Incident Victim: Ziv Medical Center
Date: Dec 2023
Location: Israel
Summary
A cyberattack on Ziv Medical Center allegedly resulted in the theft of over 500 gigabytes of data, including hundreds of thousands of patient medical records, with claims by Iran-linked hackers that 100,000 documents pertained to IDF personnel. The attackers shared screenshots of medical records and hinted at further actions, prompting the hospital and authorities to acknowledge indications of leaked information and impose a gag order alongside criminal prohibitions on using or distributing stolen data. The medical center temporarily restricted external emails and disconnected certain computer services as a precaution, while Israeli cybersecurity and health agencies confirmed the incident was contained without operational disruption.
Description
On December 1, 2023, Iran-linked hackers claimed responsibility for a cyberattack on Ziv Medical Center in Safed, Israel, alleging the theft of over 500 gigabytes of sensitive data. The stolen information reportedly included hundreds of thousands of patient records, with the attackers specifying that 100,000 documents pertained to Israeli Defense Forces personnel. This marked the third cyberattack targeting the hospital within a four-month period. The Health Ministry and Israel National Cyber Directorate confirmed detecting a suspected cyber intrusion in the hospital's computer systems, stating the incident was promptly identified and contained without disrupting medical operations. The hacker group publicized their claims on Telegram, sharing screenshots of medical documents dated to 2022 as evidence and threatening "another surprise", without further detail, in future communications.

In response to the breach, Ziv Medical Center and the Justice Ministry's Privacy Protection Authority issued a joint statement acknowledging indications of information leakage from hospital systems. Authorities imposed a gag order to remove compromised content from public platforms and enacted criminal prohibitions against using, transferring, or distributing leaked personal data, with warnings of legal action against violators. The hospital implemented temporary security measures including restrictions on external email communications and disconnection of select computer services. Public advisories urged vigilance against suspicious messages purporting to originate from the hospital, emphasizing avoidance of unverified links or attachments. No operational disruptions to medical services were reported following containment efforts.
